在瀏覽OAI資料時,遇到http2網站問題
範例: https://gitlab.eurecom.fr/oai/openairinterface5g/-/wikis/OpenAirSystemRequirements
下面在這兩個瀏覽器出現的錯誤訊息代表,想瀏覽的網站是http2的
Firefox NS_ERROR_NET_INADEQUATE_SECURITY
Chrome ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY
在蘋果裝置Safari可直接瀏覽
但windows跟linux裝置的瀏覽器通常不行了
目前實測Firefox ESR在windows跟ubuntu可以正常瀏覽
https://www.mozilla.org/zh-TW/firefox/enterprise/
安裝好另外做下面設定
新的空白分頁網址列輸入 about:config
If a warning screen comes up, press the I Accept the Risk button. At the top of the screen is a search bar.
搜尋network.http.spdy.enabled.http2
將其改成false
Setting
NS_ERROR_NET_INADEQUATE_SECURITY indicates that the server initiates a HTTP/2 connection, but Firefox detects an invalid TLS configuration in the server response (server negotiated HTTP/2 with blacklisted cipher suites). This is likely not an issue with the certificate, but this is a problem with the server setup and there are invalid cipher suites for HTTP/2 claimed (INADEQUATE_SECURITY).
http://httpwg.org/specs/rfc7540.html#TLSUsage There might also be other software that acts as a MITM and is interfering. When HTTP/2 is enabled and used then the requirements are much stricter than with HTTP/1.1 You can get the NS_ERROR_NET_INADEQUATE_SECURITY error message in case the server isn't configured properly.
A workaround to fix this ANNOYING issue is; network.http.spdy.enabled.http2 = false in about:config
Type about:config<enter> in the address bar. If a warning screen comes up, press the I Accept the Risk button. At the top of the screen is a search bar.
但是Ubuntu會跟一般的firefox在同一個圖示下
我會建議用chrome跟firefox給OAI官網專用
以安全性來說會比較好,畢竟這個ESR的安全性是比較差的
沒有留言:
張貼留言