SVL 3 Problem



  • Hi everybody,

    i've got this problem with my new installation of PfSense.
    When i navigate on some websites i receive a block and Pfsense displays the message below.

    Before i write this message, i check in the forum, and i change the "compatibility mode" of proxy server
    to INTERMEDIATE but it still doesn't work, and i put the Ip in the Bypass proxy.

    Can someone help me, please?


    The following error was encountered while trying to retrieve the URL: https://access.mef.gov.it/*

    Failed to establish a secure connection to 5.152.246.63

    The system returned:

    (92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

    Handshake with SSL server failed: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

    This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.

    Your cache administrator is administrator@domain.it.



  • LAYER 8 Global Moderator

    Who would still be using slv3 ??  Been dead for years ;)

    That site only gets a C btw..
    https://www.ssllabs.com/ssltest/analyze.html?d=access.mef.gov.it



  • Any solution to get program ready to work?
    Can you suggest any setting to let all employees navigate on the webiste to avoid blocking?

    Thank you.


  • LAYER 8 Global Moderator

    what version of pfsense did you install.. I don't see how proxy would be even attempting to use ssl3

    And you shouldn't even be doing proxy of https anyway..  You can filter it for the connect but the client should be end to end for https - mitm middle opens up a whole can of worms from privacy and security points of view.



  • Ok, i understand the problem. I thought there was a possibility
    to bypass it.

    Thank you anyway.


Log in to reply