
Why can't Windows XP handle newer SSL certificate versions?

As I understand it, since Windows XP support was officially dropped, the newest versions of SSL certificates used on certain websites cannot be accessed by Chrome and IE on WinXP due to incompatibility. However, Firefox apparently still does support Windows XP and can access those websites freely.

I don't quite understand how SSL certificate compatibility works. How is it possible that Chrome and IE require you to switch to a new OS altogether, but that's not needed when just using a different browser? Why can't a simple community developer just create a "patch" for Chrome and IE if Firefox can support them? What's the connection between the browser and the OS? Where do I draw the line?

asked Nov 25 '15 16:11

Banderi


2 Answers

The solution for this problem in XP is installing KB3055973-v3, which adds support for TLS 128-bit & 256-bit Advanced Encryption Standard (AES) cipher suites. Google for this solution, and beware that it is natively for the English OS version; otherwise you need to modify the installation files.

answered Oct 12 '22 00:10

ZioBill


OK, so looking at the example of mpql.net, we start with the SSL Labs analysis.

The problem appears to be that the server only supports elliptic curve cryptography (the various TLS_ECDHE_xxx suites) and, according to the MSDN articles Secure Sockets Layer Protocol and TLS Cipher Suites, Windows XP doesn't include any of the elliptic curve protocols. This is not related to the certificates per se, but to the way the web server is configured.

Firefox still works because it uses its own cryptographic library rather than using the SSL support built into Windows. Of course, if you were using a version of Firefox as old as Windows XP is, it probably wouldn't work either. :-)

answered Oct 12 '22 00:10

Harry Johnston
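
The cipher-suite mismatch described in the answer above, as an added example that is not part of the original answers: it parses the cipher-suite list out of a TLS ClientHello and applies server-preference selection, so the same server rejects one client and accepts another with the certificate playing no part. The function names are hypothetical, and the two client offers and the server list are constructed samples (assumptions), not captures from Windows XP, Firefox or mpql.net.

```python
# IANA cipher-suite code points used below.
SUITES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}

def build_client_hello(suite_ids, version=0x0301):
    """Construct a minimal sample ClientHello record (no extensions)."""
    body = version.to_bytes(2, "big") + bytes(32) + b"\x00"  # version, random, empty session id
    body += (2 * len(suite_ids)).to_bytes(2, "big")
    body += b"".join(s.to_bytes(2, "big") for s in suite_ids)
    body += b"\x01\x00"                                      # one compression method: null
    hs = b"\x01" + len(body).to_bytes(3, "big") + body       # handshake type 1 = ClientHello
    return b"\x16" + version.to_bytes(2, "big") + len(hs).to_bytes(2, "big") + hs

def offered_suites(record):
    """Return the cipher-suite IDs offered in a ClientHello record."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    pos = 44 + record[43]            # skip headers, version, random and session id
    if pos + 2 > len(record):
        raise ValueError("truncated before cipher_suites")
    n = int.from_bytes(record[pos:pos + 2], "big")
    suites = record[pos + 2:pos + 2 + n]
    if n % 2 or len(suites) != n:
        raise ValueError("malformed cipher_suites vector")
    return [int.from_bytes(suites[i:i + 2], "big") for i in range(0, n, 2)]

def negotiate(record, server_suites):
    """Server-preference selection; None models a handshake_failure alert."""
    client = set(offered_suites(record))
    return next((SUITES.get(s, hex(s)) for s in server_suites if s in client), None)

# Constructed samples (assumptions): an OS TLS stack offering only RSA key
# exchange, and a browser shipping its own library that offers ECDHE as well.
OS_STACK_NO_ECC = build_client_hello([0x0004, 0x0005, 0x000A])
OWN_LIBRARY = build_client_hello([0xC02F, 0xC030, 0xC013, 0x002F], version=0x0303)
ECDHE_ONLY_SERVER = [0xC030, 0xC02F, 0xC013]

if __name__ == "__main__":
    print("OS stack:   ", negotiate(OS_STACK_NO_ECC, ECDHE_ONLY_SERVER))
    print("own library:", negotiate(OWN_LIBRARY, ECDHE_ONLY_SERVER))
```

Running `offered_suites` over ClientHello records from a packet capture shows which clients would be cut off before a server's suite list is narrowed.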