THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
03-Mar-17 |
Initial Release |
10.0 |
11-Oct-17 |
Migration to new field notice system |
10.1 |
22-May-18 |
Fixed Broken Image Links |
Affected OS Type | Affected Release | Affected Release Number | Comments |
---|---|---|---|
NON-IOS |
5 |
5.8.0.32,5.8.1.4 |
ACS 5.8.0.32 patches 4, 5, and 6 are affected |
Defect ID | Headline |
---|---|
CSCvd22451 | Not able to launch the ACS GUI in FF 52 Browser |
Access Control System (ACS) administrators are unable to launch the ACS Login GUI with the Firefox version 52 browser in order to manage the affected ACS 5.8 versions.
Firefox Version 52 is planned to be released on March 7, 2017 as per the Mozilla Release calendar.
An ACS administrator is unable to launch the ACS GUI and receives the error "Secure Connection Failed" when the Firefox version 52 browser is used to manage the ACS. The code changes implemented in Firefox version 52 triggered this problem. The issue is addressed in ACS 5.8 Patch 7 with an update to some libraries from Mozilla to be compatible with Firefox version 52.
Note that the ACS 5.8 and ACS 5.8.1 releases are functionally equivalent, with the ACS 5.8.1 release supporting additional hardware platforms. These two releases leverage common patches and the issue occurs for patches installed on either ACS 5.8 or 5.8.1. This issue does not affect releases earlier than ACS 5.8.
An ACS administrator is not able to launch the ACS Login GUI with the Firefox version 52 browser.
For customers that run the affected ACS versions and Firefox version 52, upgrade to ACS 5.8 Patch 7. This patch can be applied on either ACS 5.8 or ACS 5.8.1.
If it is not possible to apply ACS 5.8 Patch 7 when Firefox version 52 is used, then the provided workaround can be used in order to modify settings in the Firefox browser. If the workaround is used, then it is recommended to revert the modifications once ACS 5.8 Patch 7 is installed.
Workaround
In order to be able to launch the ACS GUI with Transport Layer Security (TLS) v1.1, set the "security.tls.version.max" parameter to 2 in Firefox version 52 with this procedure:
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.