Recently we applied FixPack 3 IinterimFix 2 (HotFix 241) to get full cipher support for the very latest SHA-2 / TLS1.2 SSL encryption to our Domino 9.01 servers. Now, when we attempt to access them through the web via Firefox v38, this Connection Failed error:
Secure Connection Failed
An error occurred during a connection to www.somewebsite.biz http://www.somewebsite.biz. SSL peer rejected a handshake message for unacceptable content. (Error code: ssl_error_illegal_parameter_alert)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
The server log shows following message:
05/12/2015 03:09:43 PM TLS/SSL connection xxx.xx.xx.xxx(xxx)-xxx.xxx.xx.xx(xxxx) failed with server certificate chain signature alogrithms NOT supported by client
05/12/2015 03:09:43 PM TLS/SSL connection xxx.xx.xx.xxx(xxx)-xxx.xxx.xx.xx(xxxx) failed with server certificate chain requiring support for SHA512
This is not happening with Chrome or Internet Explorer and was not happening to Firefox (and Safari) before the Hot Fix was applied. There must be something wrong at our server end. Any ideas?