bong.mau Posted May 15, 2019 Share Posted May 15, 2019 Hi env: win xp pro sp3 ... a lot of https sites migrate to tls 1.2 i need to enable it with win xp.... i follow step by step i'm able to see in advanced internet option tls 1.1 and tls 1.2..... i select tls 1.2 but my ie8 is still unable to open tls 1.2 sites here one https://comedonchisciotte.org/ any help will be appreciated regards ...Maurizio Link to comment Share on other sites More sharing options...
bong.mau Posted May 15, 2019 Author Share Posted May 15, 2019 further info ... i follow the msfn guide : "Enable TLS 1.1 and 1.2 in Windows XP correctly" i modified register... i installed the two updates i modified again the register then i was able to see tls 1.1. and tls 1.2 choices in internet option... i select tls 1.2 but still ie8 was not able to display tls 1.2 sites what i'm worong ? Link to comment Share on other sites More sharing options...
ED_Sln Posted May 15, 2019 Share Posted May 15, 2019 It seems that the site uses TLS 1.3. Such a site in XP can only be opened in Firefox / Basilisk or 360 Extreme Explorer. Link to comment Share on other sites More sharing options...
dencorso Posted May 15, 2019 Share Posted May 15, 2019 Link to comment Share on other sites More sharing options...
Mathwiz Posted May 15, 2019 Share Posted May 15, 2019 Or you can install ProxHTTPSProxy v1.5, which supports TLS 1.3: On 1/31/2019 at 4:05 PM, heinoganda said: Have new build generated by ProxHTTPSProxy v1.5 (Rev3a), with small changes script, various python modules updated, config.ini supplemented by some entries, CA certificates (cacert.pem) updated and alternativ cacert.pem from MSCerts (Cert_Updater) 11/28/2018. If anyone has interest please write a PM to me. Info: At Python 3.44 the support ends in March 2019. With the latest cryptography module version 2.5 (Jan 22, 2019) ProxHTTPSProxy does not work on Windows XP anymore. Last working version 2.4.2 (Nov 21, 2018). 1 Link to comment Share on other sites More sharing options...
VistaLover Posted May 15, 2019 Share Posted May 15, 2019 (edited) 7 hours ago, ED_Sln said: It seems that the site uses TLS 1.3 ... Actually, this statement is not entirely accurate; the site does indeed support TLS protocol versions down to even v1.0: https://www.ssllabs.com/ssltest/analyze.html?d=comedonchisciotte.org&s=104.24.109.160 However, adding TLS 1.2 protocol support to an OS (XP in this case) is one thing, but adding support for needed Cypher Suites to match that protocol is, sadly, another thing! If you inspect closely the supported cypher suites for even TLS 1.0 (natively supported in XP's IE8), you'll see that only Elliptic Curve (ECDHE) Suites are accepted by that site, but, unfortunately, ECC is NOT supported under Windows XP, thus the secure connection can't be established! Under Vista SP2, I have also enabled TLS 1.2 protocol in IE9 (via a set of MS updates - Server 2008 intended - and hacks similar to those available under XP) and there IE9 has no issues connecting with TLS 1.2: FWIW, it even connects with plain TLS 1.0 (when I manually disable 1.1 & 1.2): So, in this specific case, it's all about the OS, not the protocol only... Edited May 15, 2019 by VistaLover 1 Link to comment Share on other sites More sharing options...
VistaLover Posted May 15, 2019 Share Posted May 15, 2019 10 minutes ago, Mathwiz said: Or you can install ProxHTTPSProxy v1.5, which supports TLS 1.3: According to this, latest version is v1.5 Rev 3c; sadly, I haven't been following very closely the progress of that project lately, but was under the impression it could only go as far as TLS 1.2; @heinoganda, would you be so kind as to verify that actual support for TLS 1.3 Final has been indeed achieved? Best wishes and congratulations for your efforts Link to comment Share on other sites More sharing options...
Dave-H Posted May 15, 2019 Share Posted May 15, 2019 It seems to be fine. IE8 with HTTPSProxy. 2 Link to comment Share on other sites More sharing options...
bong.mau Posted May 16, 2019 Author Share Posted May 16, 2019 Thanks to all for the great support !! i search last win xp supported version ..according to " ProxHTTPSProxy does not work on Windows XP anymore. Last working version 2.4.2 (Nov 21,2018)." i have a test machine,i will install product and provide feedback Link to comment Share on other sites More sharing options...
Dave-H Posted May 16, 2019 Share Posted May 16, 2019 (edited) @heinoganda has built a more up to date version of HTTPSProxy that works on XP. A lot of us are using it. PM him to ask about it. Edited May 16, 2019 by Dave-H Amendment Link to comment Share on other sites More sharing options...
bong.mau Posted May 16, 2019 Author Share Posted May 16, 2019 Sent message to heinoganda Link to comment Share on other sites More sharing options...
heinoganda Posted May 16, 2019 Share Posted May 16, 2019 (edited) Test in IE8 with HTTPSProxy v1.5 REV3c I recommend using a more up-to-date web browser. Edited May 16, 2019 by heinoganda 1 Link to comment Share on other sites More sharing options...
bong.mau Posted May 16, 2019 Author Share Posted May 16, 2019 Hi heinoganda thanks for the quick answer ! ...tomorrow i will proceed installing proxy I'm running firefox 52.6.0esr and chrome 49.0.2623.112 (last xp version) ..Firefox is able to open the site,chrome and IE8 not win xp run very fast on my old laptop, and i do not want to change OS.... Link to comment Share on other sites More sharing options...
heinoganda Posted May 16, 2019 Share Posted May 16, 2019 1 minute ago, bong.mau said: Firefox is able to open the site,chrome and IE8 not With HTTPSProxy v1.5 REV3c the website works in Google Chrome as well. Link to comment Share on other sites More sharing options...
VistaLover Posted May 16, 2019 Share Posted May 16, 2019 1 hour ago, bong.mau said: I'm running firefox 52.6.0esr ... Is there any specific reason you had not upgraded to the more secure 52.9.0esr version? 52.9.0esr is the last 52ESR build to have been officially released (and, of course, the last version of Firefox that would support XP/Vista), there shouldn't be any compatibility issues (extensions-wise or other) between what you now have (52.6.0esr) and the last of its breed, 52.9.0esr... Have you disabled application updates in Firefox? I was under the impression 52.6.0esr would auto-update to 52.9.0esr Best regards 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now