11 down vote

I have encountered the same problem after upgrading to Firefox 33 with Tomato ro
uter. The key length is a problem here.
Tomato generates 512 bit long RSA key by default. However, Firefox 33 requires m
inimum 1024 bit key.
I had to manually generate a longer key in Tomato.
I did that following way:
Log in using ssh to the router.
cd /tmp
cp /usr/sbin/gencert.sh .
chmod +w gencert.sh
Edit the gencert.sh file you copied and change the following line:
openssl req -new -out /tmp/cert.csr -config openssl.config -keyout /tmp/priv
key.pem -newkey rsa:512 -passout pass:password
into:
openssl req -new -out /tmp/cert.csr -config openssl.config -keyout /tmp/priv
key.pem -newkey rsa:1024 -passout pass:password
./gencert.sh $(date +%s)
nvram unset https_crt_file
nvram commit
service httpd restart
Now httpd will use the new certificate. If you have "Save in NVRAM" checkbox ena
bled it will be saved in NVRAM and survive router reboot.
Do not check "Regenerate" checkbox, because automatically regenerated certificat
es are still 512 bit long.
If you remove your certificate from NVRAM, you must repeat procedure described a
bove.
Firefox 34 and newer:
Starting from Firefox 34 you need to additionally enable SSL 3.0 support in Fire
fox configuration:
Enter about:config address in the URL bar.
Set the following options to 0:
security.tls.version.fallback-limit
security.tls.version.min