THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Migration to new field notice system
|Affected OS Type
||Affected Release Number
ACS 220.127.116.11 patches 4, 5, and 6 are affected
||Not able to launch the ACS GUI in FF 52 Browser|
Access Control System (ACS) administrators are unable to launch the ACS Login GUI with the Firefox version 52 browser in order to manage the affected ACS 5.8 versions.
Firefox Version 52 is planned to be released on March 7, 2017 as per the Mozilla Release calendar.
An ACS administrator is unable to launch the ACS GUI and receives the error "Secure Connection Failed" when the Firefox version 52 browser is used to manage the ACS. The code changes implemented in Firefox version 52 triggered this problem. The issue is addressed in ACS 5.8 Patch 7 with an update to some libraries from Mozilla to be compatible with Firefox version 52.
Note that the ACS 5.8 and ACS 5.8.1 releases are functionally equivalent, with the ACS 5.8.1 release supporting additional hardware platforms. These two releases leverage common patches and the issue occurs for patches installed on either ACS 5.8 or 5.8.1. This issue does not affect releases earlier than ACS 5.8.
An ACS administrator is not able to launch the ACS Login GUI with the Firefox version 52 browser.
For customers that run the affected ACS versions and Firefox version 52, upgrade to ACS 5.8 Patch 7. This patch can be applied on either ACS 5.8 or ACS 5.8.1.
If it is not possible to apply ACS 5.8 Patch 7 when Firefox version 52 is used, then the provided workaround can be used in order to modify settings in the Firefox browser. If the workaround is used, then it is recommended to revert the modifications once ACS 5.8 Patch 7 is installed.
In order to be able to launch the ACS GUI with Transport Layer Security (TLS) v1.1, set the "security.tls.version.max" parameter to 2 in Firefox version 52 with this procedure:
1. Open Firefox.
2. In the address bar, type about:config and press Enter.
3. In the Search field, type tls. Find and double-click the entry for "security.tls.version.max".
4. Set the integer value to 2 in order to force the protocol of TLS 1.1. After ACS 5.8 patch 7 is installed, it is recommended to set the value back to 3 (default in Firefox version 52) in order to revert the workaround.
5. Click OK.
6. Close your browser and restart Mozilla Firefox.
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.