ssl_error_rx_malformed_server_hello

Re: ssl_error_rx_malformed_server_hello

Unread post by Nun2Swoon » 2023-05-31, 00:13

When the 32.1.1 TLS 1.3 protocol downgrade sentinel is invoked, it would be helpful to have an optional log to record instances of the malformed server hellos. Each instance recorded could have enough detail such that an automated script could then send information to a website administrator (email address obtained via a DNS inquiry) requesting that they fix the TLS 1.3 protocol downgrade errors.

I have talked with a CIO for a fix on their web site, but there are too many other web sites with a malformed hello response to follow up on with either a personal discussion or a manual email preparation process. For this website, I have suggested that the CIO validate the corrected malformed hello response by usage of the Pale Moon 32.1.1 release or later.

This is a wishlist item for sure.

Re: ssl_error_rx_malformed_server_hello

Unread post by Moonchild » 2023-05-31, 04:06

Nun2Swoon wrote:
2023-05-31, 00:13
When the 32.1.1 TLS 1.3 protocol downgrade sentinel is invoked, it would be helpful to have an optional log to record instances of the malformed server hellos. Each instance recorded could have enough detail such that an automated script could then send information to a website administrator (email address obtained via a DNS inquiry) requesting that they fix the TLS 1.3 protocol downgrade errors.
This falls squarely outside of the browser scope.

(One could, however, write an extension that does exactly that)
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Re: ssl_error_rx_malformed_server_hello

Unread post by harryh89 » 2023-06-01, 00:24

I get the same issue trying to log into my modem admin page. I try to connect with http://192.168.100.1 and PM changes it to https: then get the server error. Likely because Motorola(Zoom) has poor firmware. I can connect with Brave after accepting the warning about unsafe.

Re: ssl_error_rx_malformed_server_hello

Unread post by Moonchild » 2023-06-01, 08:39

harryh89 wrote:
2023-06-01, 00:24
trying to log into my modem admin page
You can use the workaround as posted in this thread and release notes.

Re: ssl_error_rx_malformed_server_hello

Unread post by harryh89 » 2023-06-02, 06:38

Thanks for the response. I'm unclear why I cannot connect without any security - http: vs https:. PM forces use and replaces http with https. I suppose I could use the changes described earlier about allowing a lower TLS level. With Brave or Vivaldi both allow the http:/192,168.100.1 by noting the router has a security exception and prompting me to connect anyway. Why can't that work on a per site basis rather than use the TLS workaround for all sites? Will the change be potentially harmful?

Re: ssl_error_rx_malformed_server_hello

Unread post by Moonchild » 2023-06-02, 10:02

harryh89 wrote:
2023-06-02, 06:38
PM forces use and replaces http with https.
No, that would be your router doing this.
harryh89 wrote:
2023-06-02, 06:38
With Brave or Vivaldi both allow the http:/192,168.100.1 by noting the router has a security exception and prompting me to connect anyway.
That means Brave and Vivaldi are not displaying the URL correctly, since security exceptions are not a thing for http:// addresses.
So you're actually connecting through https but those browsers don't show you.
harryh89 wrote:
2023-06-02, 06:38
Why can't that work on a per site basis rather than use the TLS workaround for all sites?
This can't work because the error occurs at protocol negotiation time which is before the browser knows which hostname it is connected to. Protocol negotiation is the first thing that happens after establishing the network connection at the low level. Only after that is done, data like host name, certificates and encryption details are negotiated.

Re: ssl_error_rx_malformed_server_hello

Unread post by Nun2Swoon » 2023-06-04, 19:19

Determined that almost every site I access which uses Let's Encrypt as its SSL Certificate issuer and is still using a prematurely {https://cloudraya.com/knowledge-base/fi ... rtificate/} expiring intermediate root certificate is always generating a "ssl_error_rx_malformed_server_hello" error in the latest Pale Moon browser (32.2.0).

Setting the security.tls.hello_downgrade_check to false allows me to get a more accurate message that Pale Moon is not happy with the "expired" Let's Encrypt certificate ("This Connection is Untrusted") and that an "exception" is needed to use this expired certificate.

Re: ssl_error_rx_malformed_server_hello

Unread post by nicaragua » 2023-06-08, 19:41

I had to alter security.tls.hello_downgrade_check to false because the browser won't otherwise let me visit a site with expired (abandoned) cert: https://helpin.red/

Re: ssl_error_rx_malformed_server_hello

Unread post by Raava » 2023-10-13, 22:36

In all recent PM versions I never had this issue, but now I tried accessing a site where it happens, using 32.4.1.linux-x86_64-gtk2:
Site https://ugetdm.com/features
Secure Connection Failed

An error occurred during a connection to ugetdm.com.

SSL received a malformed Server Hello handshake message.

(Error code: SSL_ERROR_RX_MALFORMED_SERVER_HELLO)

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Same with other pages, like
https://ugetdm.com/screenshots
https://ugetdm.com/qa/faq

Got these URLs from here: https://sourceforge.net/projects/urlget/
───────────────────────────────────────────────────────
Moonchild wrote:
2023-03-23, 16:44
you can try setting security.ssl.enable_tls13_compat_mode to true. if that doesn't help, another thing you can try is setting security.tls.version.max to 3.
Set security.ssl.enable_tls13_compat_mode to true - same error.
security.tls.version.max was set to 4. Setting it to 3 gets me this
This Connection is Untrusted

You have asked Pale Moon to connect securely to ugetdm.com, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

Technical details

ugetdm.com uses an invalid security certificate.
The certificate expired on 09/15/2023 01:59 AM. The current time is 10/14/2023 12:29 AM.
(Error code: SEC_ERROR_EXPIRED_CERTIFICATE)
Is it really an insecure connection? Is it safe to create an exemption? Did ugetdm.com not manage to renew its certificate in time?

Update
When creating an exemption for accessing https://ugetdm.com/ - is it the best (most secure) to re-set security.tls.version.max back to 4 after I am finished with ugetdm.com ?
yours truly, Rava

Re: ssl_error_rx_malformed_server_hello

Unread post by Moonchild » 2023-10-13, 23:39

Raava wrote:
2023-10-13, 22:36
Is it really an insecure connection?
Strictly speaking: Yes, because it's an expired certificate that isn't valid (and could have been taken from an old install or somesuch), and you're on a lower TLS version than you should be. Practically speaking if it's still TLS 1.2 you're probably OK (if the cert expiration date is very recent) but the webmasters do need to fix this asap.
Raava wrote:
2023-10-13, 22:36
Set security.ssl.enable_tls13_compat_mode to true - same error.
That usually doesn't help here. It's outdated info.
The issue is that there seems to be a fairly common misconfiguration that forces TLS downgrades on cert errors, which runs into the downgrade sentinel in our current NSS library.
What will help is setting security.tls.hello_downgrade_check to false to disable the downgrade sentinel, if you absolutely must connect to a server configured that way. Your TLS will still be downgraded to a potentially less secure protocol version, but it would allow you to connect without compromising TLS 1.3 on all other sites as well which the alternative setting does.
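To make the mechanism Moonchild describes above concrete, here is an added example of my own (not Pale Moon or NSS code): a small Python parser that reads a TLS ServerHello record and applies the RFC 8446 downgrade-protection check, i.e. the "downgrade sentinel". A server that supports TLS 1.3 but ends up negotiating 1.2 writes the bytes DOWNGRD\x01 into the last 8 bytes of its random; a client that offered 1.3 and sees those bytes in a 1.2 ServerHello has to abort the handshake, which is the condition this thread reports as SSL_ERROR_RX_MALFORMED_SERVER_HELLO. The three ServerHello records are constructed fixtures, not captured traffic, and the client_max_version parameter is my own way of modelling security.tls.version.max: with it at TLS 1.2 (the "3" workaround) the client never offers 1.3, so the check never applies on any site, whereas security.tls.hello_downgrade_check = false corresponds to skipping the check while still offering 1.3.

```python
"""Added illustration: parse a TLS ServerHello and apply the RFC 8446
downgrade-protection check that this thread calls the "downgrade sentinel".
Constructed fixtures only; this is not NSS or Pale Moon code."""
import struct

TLS11, TLS12, TLS13 = 0x0302, 0x0303, 0x0304
EXT_SUPPORTED_VERSIONS = 43  # supported_versions extension type (RFC 8446)

# RFC 8446 section 4.1.3: a TLS 1.3-capable server that negotiates an older
# version overwrites the last 8 bytes of its random with one of these values.
SENTINEL_TLS12 = b"DOWNGRD\x01"   # negotiated TLS 1.2
SENTINEL_OLDER = b"DOWNGRD\x00"   # negotiated TLS 1.1 or lower

ABORT = "downgrade sentinel present in server random: abort handshake"


def parse_server_hello(record: bytes) -> dict:
    """Walk one TLS record carrying a ServerHello and return its key fields."""
    ctype, _legacy_rec_ver, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 22 or rec_len != len(record) - 5:
        raise ValueError("not a well-formed handshake record")
    hs = record[5:]
    if hs[0] != 2:
        raise ValueError("handshake message is not a ServerHello")
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated ServerHello body")
    pos = 0
    legacy_version = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    server_random = body[pos:pos + 32]
    pos += 32
    pos += 1 + body[pos]                      # skip legacy_session_id_echo
    cipher_suite = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    pos += 1                                  # legacy_compression_method
    negotiated = legacy_version               # TLS 1.2 and older carry the version here
    if pos < len(body):                       # extensions block (mandatory for TLS 1.3)
        ext_len = int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        end = pos + ext_len
        if end != len(body):
            raise ValueError("bad extensions length")
        while pos < end:
            etype = int.from_bytes(body[pos:pos + 2], "big")
            elen = int.from_bytes(body[pos + 2:pos + 4], "big")
            edata = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == EXT_SUPPORTED_VERSIONS and elen == 2:
                negotiated = int.from_bytes(edata, "big")   # TLS 1.3 puts the real version here
    return {"version": negotiated, "random": server_random, "cipher_suite": cipher_suite}


def downgrade_check(hello: dict, client_max_version: int = TLS13) -> str:
    """Return 'ok', or the reason a client that offered TLS 1.3 must abort.

    client_max_version models security.tls.version.max (assumption of this
    example): at TLS 1.2 the client never offered 1.3, so RFC 8446 says the
    sentinel check does not apply at all."""
    if client_max_version < TLS13 or hello["version"] >= TLS13:
        return "ok"
    if hello["random"][-8:] in (SENTINEL_TLS12, SENTINEL_OLDER):
        return ABORT
    return "ok"


def build_server_hello(version: int, server_random: bytes) -> bytes:
    """Construct a minimal ServerHello record for the given negotiated version."""
    if len(server_random) != 32:
        raise ValueError("server random must be 32 bytes")
    tls13 = version >= TLS13
    body = struct.pack("!H", TLS12 if tls13 else version) + server_random
    body += b"\x00"                                  # empty legacy_session_id_echo
    body += b"\x13\x01" if tls13 else b"\xc0\x2f"    # TLS_AES_128_GCM_SHA256 / ECDHE-RSA-AES128-GCM-SHA256
    body += b"\x00"                                  # null compression
    if tls13:
        ext = struct.pack("!HHH", EXT_SUPPORTED_VERSIONS, 2, version)
        body += struct.pack("!H", len(ext)) + ext
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16" + struct.pack("!HH", TLS12, len(hs)) + hs


# Constructed fixtures (not captured traffic): 24 fixed bytes plus an 8-byte tail per case.
PREFIX = bytes(range(1, 25))
LEGACY_ONLY = build_server_hello(TLS12, PREFIX + bytes(8))             # server without 1.3: no sentinel
FORCED_DOWNGRADE = build_server_hello(TLS12, PREFIX + SENTINEL_TLS12)  # 1.3-capable server pushed to 1.2
GENUINE_TLS13 = build_server_hello(TLS13, PREFIX + SENTINEL_TLS12)     # sentinel bytes are irrelevant at 1.3

if __name__ == "__main__":
    cases = [("legacy-only", LEGACY_ONLY), ("forced-downgrade", FORCED_DOWNGRADE), ("tls1.3", GENUINE_TLS13)]
    for name, rec in cases:
        h = parse_server_hello(rec)
        print(f"{name}: version=0x{h['version']:04x} check={downgrade_check(h)}")
    # The security.tls.version.max = 3 workaround: the client never offers 1.3.
    print("forced-downgrade with client max TLS 1.2:",
          downgrade_check(parse_server_hello(FORCED_DOWNGRADE), TLS12))
```

The legacy-only and genuine TLS 1.3 records pass; only the forced-downgrade record trips the check, and it stops tripping once the client caps itself at TLS 1.2, which is exactly why capping the version "fixes" the error everywhere at the cost of losing 1.3 on every site.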

Re: ssl_error_rx_malformed_server_hello

Unread post by Raava » 2023-10-14, 00:02

Anyhow, I accepted the exemption for https://ugetdm.com but now I want to remove it.
But I do not see it anywhere using "Preferences / Tab security"

Is there a file in my profiles folder that I need to delete? Or do I first have to stop Palemoon and then delete a certain file?
Moonchild wrote:
2023-10-13, 23:39
Strictly speaking: Yes, because it's an expired certificate that isn't valid (and could have been taken from an old install or somesuch), and you're on a lower TLS version than you should be. Practically speaking if it's still TLS 1.2 you're probably OK (if the cert expiration date is very recent) but the webmasters do need to fix this asap.
Tried sending ugetdm.com a message but that fails. On the form page it only says [recaptcha] (as in: plain text) instead of displaying a real recaptcha. And when trying to send the message it states
There was an error trying to send your message. Please try again later.
Tried again later several times to no avail.

But that site also says the site is made possible via https://tuxdigital.com so I sent a message about the cert issue on ugetdm via https://tuxdigital.com/contact/ … Maybe that gets a result.

Re: ssl_error_rx_malformed_server_hello

Unread post by Garland » 2023-10-26, 22:34

I have Pale Moon 32.4.1 on 64-bit Windows 8.1. I entered classiccollision.com, which redirects to https://classiccollision.com/ I see:

Secure Connection Failed
An error occurred during a connection to classiccollision.com.
SSL received a malformed Server Hello handshake message.
(Error code: SSL_ERROR_RX_MALFORMED_SERVER_HELLO)
I set security.tls.hello_downgrade_check to false, allowed the security exception, and then I could access the site.
The certificate is not expired, and the technical details shows it is encrypted with TLS 1.3.

I am willing to contact the web master if the problem is with the site and not Pale Moon. But I would need to give the web master technical info about the problem and solution. I need help from Pale Moon forum users for this because I don't see what the web master did wrong. I would also like to understand this better in case I experience the same problem with other sites.

Re: ssl_error_rx_malformed_server_hello

Unread post by Navigator » 2023-11-28, 16:45

I am having trouble signing in to my Asus router again. It has been a while since I have done that so I cannot be certain that the update to 32.5.1 is the source of the problem, but when I read in the release notes "Restricted protocol fallback for TLS" I thought, "this sounds familiar, I better check" and sure enough I could not sign in.

I don't get an error, but when I click sign-in it recycles the sign-in page without signing in. I set security.tls.version.max;3 but the problem remains. Is there a new work-around for this issue?

Re: ssl_error_rx_malformed_server_hello

Unread post by Nigaikaze » 2023-11-28, 16:57

Navigator wrote:
2023-11-28, 16:45
Is there a new work-around for this issue?
Maybe try setting security.tls.hello_downgrade_check to false in about:config?
Nichi nichi kore ko jitsu = Every day is a good day.

Re: ssl_error_rx_malformed_server_hello

Unread post by Moonchild » 2023-11-28, 18:22

Navigator wrote:
2023-11-28, 16:45
I set security.tls.version.max;3 but the problem remains.
Then it is most certainly unrelated, since you're forcing TLS 1.2 in that case, completely bypassing the mechanism.

Have you tried clearing your cache and cookies?

Re: ssl_error_rx_malformed_server_hello

Unread post by Navigator » 2023-11-29, 02:50

Moonchild wrote:
2023-11-28, 18:22
Then it is most certainly unrelated, since you're forcing TLS 1.2 in that case, completely bypassing the mechanism.

Have you tried clearing your cache and cookies?
I did that and now it works! Thank you, and I am sorry I wasted your time by not trying these first. I was convinced it would be a TLS thing again.
