i tried to use the Firefox ESR under Byzantium, but the FireFox is outdated and can’t support the current cipher sets. On my own server i got the following message.
That seems wrong. From that error I’m reading that, it’s the website that is trying to use older protocols, contrary to what the ssltest shows. Repo shows that the ESR is pretty recent. Does the problem persist?
There is a form of attack also that tries to lower the encryption level of the transfer but modern browsers should show just this kind of warning, if memory serves. Not saying it’s that but…curious.
You can see it on the SSLLabs-Report my pages/servers are only support heavy ciphers and a min. of TLS 1.2. Typical pages are more unsecure and supports lower cipher sets - not my pages - in this case you can find unsecure systems/apps …
One thing i do not understand … with L5 Amber-Image it works with FF and Gnome-Webbrowser works also in Byzantium, but with to much issues on page rendering …
I tested the same version ESR to your page and had no problems. And I agree, that the report is showing that there shouldn’t be any problem with the site either. Hence, the idea (an attack is just one, extreme, example) that it’s something specific to you or your device. The classic questions: problem and message persists after restarts and re-installation? Gnome browser works?
I’ve had this problem for the last few weeks on my Pinephone Mobian. Since I’m on the road, I haven’t had much time to troubleshoot. My workaround has been to tell Firefox to stop bugging me.
The command below adds the Debian Sid repo to your device’s sources.list file, checks for updates from all the repos in your device’s sources.list file, installs the most up-to-date version of the package “libnss3” (fixing the recent Firefox issue), and then removes the last line from your device’s sources.list file (which is the line we added in the beginning of this command).
I could have sworn that I ran this command without error, but checking again, now I get a permission issue. So you need to use something like nano to manually add “deb https://deb.debian.org/debian sid main” (without quotes) into /etc/apt/sources.list on a new line, then run an update and install the libnss3 package, and then manually remove the line that was added.
After some corrections, this is the command to fix Firefox, by installing the updated libnss3 package from the Debian Sid repo and then removing the Debian Sid repo: