Just a heads-up for everyone, that we in Serv-U team have noticed some changes in last versions of Firefox are causing upload issues. We are busily working on this, trying to figure out what was changed in Firefox so it's causing this. If you have experienced any upload issues, please contact our support via Submit a Customer Service or Technical Support Ticket - SolarWinds and let us know! We will keep you updated.
Thanks!
Peter
Hi Peter,
Do you have an update on this as it is causing significant ongoing problems, especially as many people use the auto-update function of Firefox.
Have tested the problem after reports and have 2 test machines both with Firefox 36.0.4, one of them fails with any file larger than 6KB, the other is all ok.
Could you confirm what the problem is and any mitigating procedures, apart from using another browser?
Thank you in advance.
Also, we notice it works all ok on HTTP, the problem only exists on HTTPS. Is it something related to recent changes in SSL support?
Further update from this end..
This is the cipher that Firefox uses and allows logins, but when uploading it has the problems stated above..
However, on the client side, if you run Avast anti-virus it will intercept the SSL certificate for some kind of verification, this makes firefox use a different cipher and this works, no uploading problems.
So it looks like its a problem with a specific ciper in Serv-U and the latest firefox tries to use that cipher by default?
What do you think peter.kruty?
Also, people have reported that the latest version of filezilla has a problem listing directories once connected using FTP with TLS (which is now default in FileZilla's latest version). Could this be related? Serv-U disconnects instead of directory listing
Nice work around.
I think firefox's recent update fumbles some SSL packets on startup. Your proxy probably fixed the packets that firefox messed up.
I think Fiddler (another proxy) also fixes the messed up packets.
I see! Its rather suprising and more an accident we found this.
However, it is not a fix for our end users - any ideas?
Filezilla probably got the same ssl update that firefox did- I think you might be right. It could be the same issue.
Any update peter.kruty?
It appears to be related to Firefox 37 no longer supporting TLS v1.0. In my case the IIS service is supporting TLS 1.0 when the updated browser no longer supports it.
The following URL (An https site I have been using for years suddenly is no longer accessible "because the authenticity of the received dat…) has a walkthrough on how to get Firefox 37 working with Orion.
I have a case open with SolarWinds to find out what supported steps can be taken to fix the issue
Thanks Devin.
Any update from Solarwinds on this peter.kruty?
Just got an update from Solarwinds. They reference the following KB article:
SolarWinds Knowledge Base :: Protecting Against "POODLE" security vulnerability (CVE-2014-3566)
I challenge this response as I would hope that the Orion web service supports TLS 1.2, and if it did, my Firefox client would also attach at that version. I have not responded to the TAC engineer with my response but I plan to at some point.
We just released Hotfix addressing this issue. You can download it here:
http://downloads.solarwinds.com/solarwinds/Release/HotFix/SU-v15.1.1-HotFix3.zip
Thanks Peter. Would you mind linking to the release notes for the patch as well?
There are no release notes for this HF. It is specifically release just to address this issue, we wanted to get it out asap. Is there some specific information you are looking for?
