当我访问大多数网站时,我已经开始收到此错误-
Microsoft网站,包括MSDN知识库,Lynda.com等
有什么办法可以覆盖这个。我正在使用Chrome 45.0.2454.85 m和Firefox v.40.0.3在传说中的IE上工作正常...
最佳答案
让我们逐步了解
POODLE攻击:
POODLE攻击是一种利用某些浏览器处理加密方式的攻击。 POODLE(在降级的传统加密上填充Oracle)是启用该漏洞的漏洞的名称。
SSL 3已死,被POODLE攻击杀死:
https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
https://www.us-cert.gov/ncas/alerts/TA14-290A
如何在WebLogic上检查SSL POODLE/SSLv3错误?如何修复
SSL和Weblogic-远程PSAdmin
http://weblogic-wonders.com/weblogic/2014/10/16/check-ssl-poodle-sslv3-bug-weblogic-fix/
http://remotepsadmins.com/2015/01/24/ssl-weblogic/
** Chrome设置为在即将发布的版本中禁用和删除SSLv3
http://www.zdnet.com/article/chrome-set-to-disable-and-remove-sslv3-in-upcoming-releases/
如何解决问题:
升级证书
解决方法:
POODLE在浏览器中禁用SSLv3支持
https://zmap.io/sslv3/browsers.html
For Google Chrome:
1) Create new shortcut for your Chrome on your desktop
(2) Right click and select properties
(3) Look for Shortcut tab and add the following start-up parameter (Target field):
--cipher-suite-blacklist=0x0039,0x0033
Example:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --cipher-suite-blacklist=0x0039,0x0033
4) Click Apply and open your browser from Shortcut
You can also run above line from command window to open Google Chrome.
For Firefox:
(1) In a new tab, type or paste about:config in the address bar and press Enter.
(2) In the search box above the list, type or paste dhe and pause while the list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false
(4) Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false
(5) Restart your browser
关于google-chrome - Chrome 45和Firefox-大多数网站上的ERR_SSL_FALLBACK_BEYOND最低版本,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/32468615/