Details
This feature sets the minimum protocol version that may be used when negotiating TLS/SSL sessions.
Setting TLS 1.0 as the minimum protocol version mitigates the risk of negotiating an insecure protocol, such as SSL 2.0.
Solution
Perform the following procedure:
* Open the mozilla.cfg file in the installation directory with a text editor
* Add the following lines to mozilla.cfg:
lockPref(“security.tls.version.min”, 1)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.