Your message dated Sun, 7 Jan 2007 15:34:36 +0200 with message-id <200701071534.39563.geromanas@mailas.com> and subject line Bug#403638: Unable to Access https Internet banking site using konqueror has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: Unable to Access https Internet banking site using konqueror
- From: Ruairi Hickey <Ruairi.Hickey@dkit.ie>
- Date: Mon, 18 Dec 2006 15:19:25 +0000
- Message-id: <200612181519.25716.Ruairi.Hickey@dkit.ie>
- Reply-to: Ruairi.Hickey@dkit.ie
Package: konqueror Version: 3.5.5a.dfsg.1-2 uname -a Linux e103-hickeyr-debian 2.6.18-3-xen-686 #1 SMP Mon Dec 4 20:48:20 UTC 2006 i686 GNU/Linux # ls -al /lib/libc.so.6 lrwxrwxrwx 1 root root 13 2006-11-20 13:09 /lib/libc.so.6 -> libc-2.3.6.so When I follow the links on my banks website to log into their Internet banking site it opens up a new windows which trys to connect to https://internetbanking.aib.ie/hb1/roi/presign.jsp The output is An error occurred while loading https://internetbanking.aib.ie/hb1/roi/presign.jsp: Could not connect to host internetbanking.aib.ie. If I right click the link and open it in firefox it loads OK. I do not have this problem on my home desktop which runs kubuntu, only on my laptop / work desktops which but run etch. Ruairi
--- End Message ---
--- Begin Message ---
- To: nive@nivalis.org
- Cc: 403638-done@bugs.debian.org, Ruairi Hickey <Ruairi.Hickey@dkit.ie>
- Subject: Re: Bug#403638: Unable to Access https Internet banking site using konqueror
- From: Modestas Vainius <geromanas@mailas.com>
- Date: Sun, 7 Jan 2007 15:34:36 +0200
- Message-id: <200701071534.39563.geromanas@mailas.com>
- In-reply-to: <[🔎] 200701071135.24567@nivalis.org>
- References: <200612181519.25716.Ruairi.Hickey@dkit.ie> <20061220125721.GA12523@pryan.sytes.net> <[🔎] 200701071135.24567@nivalis.org>
Hi, 2007 m. sausis 7 d., sekmadienis 12:35, Olivier Trichet rašė: > In the configuration panel of konqueror, in the cryptography menu, > uncheck « use ssl v2 ». Then the bug appears. > > Ruairi, can you confirm that enabling SSLv2 make it works ? > > Anyway, what I fails to understand is that the site has a SSLv3 > certificate ! Indeed, SSL of that site seems to be broken. If SSLv2 is disabled in konqueror, konqueror sends TLSv1 client hello, but then the remote server immediately closes the connection. Konqueror gives up at this point. If SSLv2 is enabled, konqueror sends SSLv2 Client Hello requesting TLSv1 protocol version and succeeds. The site rejects iceweasel in the same way, however weasel is more "clever". Once the connection is closed by the remote server, it resends SSLv2 hello (even if SSLv2 is disabled, the main difference from konqeueror) requesting SSLv3 protocol version and succeeds. Given both cases, I think konqueror is doing the right thing here. If SSLv2 is disabled, it is not used for anything. However, if you want to simulate iceweasel behaviour in konq, leave SSLv2 enabled but disable all SSLv2 ciphers. Closing the bug again...Attachment: pgpzIObOuCG_G.pgp
Description: PGP signature
--- End Message ---