FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.


Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefox
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2 (or TLS 1.3)

macOS 'plist' file:
Add the following:
<string>tls1.2</string> (or <string>tls1.3</string>)

Linux 'policies.json' file:
Add the following in the policies section:
'SSLVersionMin': 'tls1.2' or ('SSLVersionMin': 'tls1.3')

See Also


Item Details

References: CAT|I, CCI|CCI-001453, Rule-ID|SV-251546r820745_rule, STIG-ID|FFOX-00-000002, Vuln-ID|V-251546

Plugin: Unix

Control ID: 9f88146a91709e56d3e79e63cbcc8291e7a78d4acf4699ad143c37c38dee1a9b