Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Ce site disposera de fonctionnalités limitées pendant que nous effectuons des opérations de maintenance en vue de vous proposer un meilleur service. Si un article ne règle pas votre problème et que vous souhaitez poser une question, notre communauté d’assistance est prête à vous répondre via @FirefoxSupport sur Twitter, et /r/firefox sur Reddit.

Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Ce sujet de discussion a été archivé. Veuillez poser une nouvelle question si vous avez besoin d’aide.

ssl_error_no_cypher_overlap in Firefox developer edition, Warning Triangle in Firefox but working OK in Chrome

  • 3 réponses
  • 9 ont ce problème
  • 2 vues
  • Dernière réponse par RichardCocks

RichardCocks
RichardCocks
more options

When Browsing with Chrome to https://apollo.adc.uk.com the certificate shows fine and shows a SHA256 signed certificate.

In Firefox (36.0) it shows a grey warning triangle and the console shows "This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1." and I cannot use firefox to show the certificate details.

In Firefox Developer Edition (38.0a2 (2015-03-01)) it shows an Error Page with Error code: ssl_error_no_cypher_overlap

We have been in contact with both our hosting company (who configure SSL termination on the LB) and the certificate issuers to ask for support but they report everything is OK as expected and they suspect a Firefox bug.

When Browsing with Chrome to https://apollo.adc.uk.com the certificate shows fine and shows a SHA256 signed certificate. In Firefox (36.0) it shows a grey warning triangle and the console shows "This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1." and I cannot use firefox to show the certificate details. In Firefox Developer Edition (38.0a2 (2015-03-01)) it shows an Error Page with Error code: ssl_error_no_cypher_overlap We have been in contact with both our hosting company (who configure SSL termination on the LB) and the certificate issuers to ask for support but they report everything is OK as expected and they suspect a Firefox bug.

Toutes les réponses (3)

philipp
philipp
  • Moderator
more options

hi RichardCocks, this is no bug in the browser - your site only offers weak TLS_RSA_WITH_RC4_128_SHA encryption which should be considered broken. according to this recent proposal browsers have to stop supporting RC4: https://tools.ietf.org/html/rfc7465

starting with firefox 38, the browser will show the error message you've referenced on affected sites...

James
James
  • Top 25 Contributor
  • Moderator
more options

https://www.ssllabs.com/ssltest/analyze.html?d=apollo.adc.uk.com&hideResults=on

https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Modifié le par James

RichardCocks
RichardCocks Auteur de la question
more options

Thanks, I have passed this info onto the hosting company and we have worked to resolve this issue.