Error code: SSL_ERROR_NO_CYPHER_OVERLAP in V 60.2 ESL
Cannot connect to secure websites.
https://www.hvfcuonline.org/tob/live/usp-core/app/initialLogin https://www.amtrak.com/
Under CENTOS 6.10 and RHEL6.9 (on two machines) using Firefox 60.2 ESL Tried setting numerous custom settings in config per previous posts and no help Ran in safe mode to eliminate plugins. First link only shows the problem after entering your login. amtrak link shows problem at page load. These are the only two sites I have seen the problem with.
Text of error:
Secure Connection Failed
An error occurred during a connection to www.hvfcuonline.org. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
All Replies (3)
Update, RHEL6.9 is using Firefox 50.2, CENTOS6.10 is using 60.2.
Works fine here.
This server only supports TLS 1.2, so make sure that TLS 1.2 is enabled.
- https://www.ssllabs.com/ssltest/analyze.html?d=www.hvfcu.org
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
There are TLS settings prefs on the about:config page that specify the minimum and maximum TLS version.
- security.tls.version.min = 1
- security.tls.version.max = 3 or 4
- 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;
You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.
Hi, Thank you for the reply,
I have tried a few different options for the tls security. Currently set to min=1, max=4 I included a snapshot with all the tls options.
I can get to the main page on the hvfcu page but cannot get to the login hvfcuonline page. The amtrak page will not even load. Using the ssl test page you provided I do see one thing in common. Also I noted the test page only tests the windows client.
Picture shows many fail connection: https://www.ssllabs.com/ssltest/analyze.html?d=www.hvfcuonline.org
Picture shows one fail connection: https://www.ssllabs.com/ssltest/analyze.html?d=www.amtrak.com
Does Firefox 60.2 and 50.2 under RHEL 6 look like any of these?
Thank you,
Bart