Palemoon stuck in loading loop when using with a local proxy. RFC 5746, see CVE-2009-3555 errors Topic is solved

[pmjack]

I use Proxydomo, a local proxy, to filter the web. It has https filter using user certificate. This works fine in Firefox 52 ESR.
When I try it with Palemoon and it's giving me this error on every https pages:

Code: Select all

server does not support RFC 5746, see CVE-2009-3555

Palemoon sometime takes forever to load a secure page. When it does, it's get stucked in loading mode and the spinning icon keeps going forever. If I refresh the page while it's still loading, then it will finish loading. It seems like it's some caching error? I did a search and it seems like it was a common problem with Firefox 3.6.x back in the day. Maybe it's something Palemoon still suffers from? Need fix.

[Moonchild]

Your proxy doesn't properly support renegotiation handshakes. This is probably just the tip of the proverbial iceberg, leading to stalled connections. Does it even support http/2? Does it have a usable/stable SPDY implementation?

For important reasons, you should not use an https filtering proxy, ever. You are MitM-ing yourself and preventing proper TLS authentication. In addition, you may be severely weakening your outbound connection security.

I suggest you don't use the filtering proxy with Pale Moon.

EDIT: Seems not closing connections is a known issue in that proxy. You'll run out of available server connections very quickly, that way. If connection pools get saturated, no new connections can be made. So.. that's a serious issue with the proxy. Firefox may have less of an immediate issue because Firefox allows by default for a very large number of concurrent connections.
https://github.com/amate/Proxydomo/issues/50
A potential workaround would be to increase network.http.max-connections and network.http.max-persistent-connections-per-proxy (try doubling the amount)