this is what i get when trying to install bblog aflter allowing it on firefox V42.0
lele.PNG
BrainFooLong
Administrator
Hm strange, i've tried the same right now and it worked just fine.
Have you tried it multiple times or did you have any ad/script blocking addon installed?
BelijKarp
same thing here, the same error message with firefox 42.0 too
Adblocker is deactivated
Post edited 1 x times, last by
Meaurk
Global Moderator
Meaurk
Global Moderator
Works fine for me, with all kind of adblocker add-ons enabled. Try to make an exception for BBLog in Mozilla as a Add-on installation site.
Step 1
Type:
about:preferences#security
in the URL bar
Step 2
click
Exceptions
Step 3
put in BBLog's URL.
Hope this helps!
Post edited 1 x times, last by
BelijKarp
BelijKarp
Hi
i tried it, but it didn#t work either.
i get the same error message again.
It always starts the download but never finishs it. before finishing i get the error message.
strange thing is i can not switch to the http, i always get the https
€dit:
After i deactivated avast for 10 minutes i could download it normally, thanks
BrainFooLong
Administrator
BelijKarp wrote:
strange thing is i can not switch to the http, i always get the https
€dit:
After i deactivated avast for 10 minutes i could download it normally, thanks
Forced to https is an expected behaviour.
Great that you got it working, strange that this depends on your Avast installation.
Our extension is officially signed by mozilla.
Post edited 1 x times, last by
ORFK
Global Moderator
ORFK
Global Moderator
probably because your TSL is using the RC4 cipher algorithm which is not safe.
an other reason could be, that i don't get any information about your validated by info..
Post edited 1 x times, last by
BrainFooLong
Administrator
BrainFooLong
Administrator
ORFK wrote:
probably because your TSL is using the RC4 cipher algorithm which is not safe.
an other reason could be, that i don't get any information about your validated by info..
When you enter getbblog.com on this websites it says it is a perfectly valid cert.
This server uses the RC4 cipher algorithm which is not secure. Disable the RC4 cipher suite and update the server software to support the Advanced Encryption Standard (AES) cipher algorithm. Contact your web server vendor for assistance.
Screenshot 2015-11-10 18.21.14.png
the installation of a cert (whats is right by yours) has nothing to do with the safety of cipher. i wouldn't trust any informations on any SSL Website which is operated by an private person (see sslhopper).
BrainFooLong
Administrator
Well, Digicert is a trusted source for my opinion, sslshopper not, you are right.
I will check the RC4 cipher and BEAST thingy but generally i don't think that this is actually the problem in this current issue.
The RC4 cipher looks only like a "too much" supported cipher in my config.
BrainFooLong
Administrator
So, i researched a while for the RC4 vulnerability thingy.
It is actually nothing to worry about, it's just a older algorithm with "not so good" security as the newer.
The problem is the nobody actually should deactivate that because it blocks many users that uses some older browsers or OS.
When you check facebook.com it has exactly the same problems as the getbblog.com cert.
Also when i check my favorite e-banking site, it's the same there.
So, RC4 is currently a must have to non-block some older OS or browsers.
This means that this cannot be the reason for the problem in the current topic.
Our SSL cert is as good as every other Domain Based cert.