This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

'SSL_ERROR_NO_CYPHER_OVERLAP' is driving me crazy

  • 5 replies
  • 2 have this problem
  • 5 views
  • Last reply by cor-el

more options

aye folks!

since the last ff update i get this error all the time. i tried to find a solution online and there was more than enough content. the big problem: i can't reach like 60% of the sites regarding this because firefox denies the access. it's my job to look at a lot of content everyday and gather the information. i can't do that atm. thats not nice at all. i already checked all my addons and plugins, my anti virus software and both firewalls.. my own and the central one. there is just no way to get around this.

but maybe i missed something when i did my research. is there any way to get around this? (i can't open the sites in another browser either.) it may be possible to downgrade ff to a version before 50.0 but thats not that good of a solution either i guess..

anyways.. thanks in advance for any help. best regards loco

aye folks! since the last ff update i get this error all the time. i tried to find a solution online and there was more than enough content. the big problem: i can't reach like 60% of the sites regarding this because firefox denies the access. it's my job to look at a lot of content everyday and gather the information. i can't do that atm. thats not nice at all. i already checked all my addons and plugins, my anti virus software and both firewalls.. my own and the central one. there is just no way to get around this. but maybe i missed something when i did my research. is there any way to get around this? (i can't open the sites in another browser either.) it may be possible to downgrade ff to a version before 50.0 but thats not that good of a solution either i guess.. anyways.. thanks in advance for any help. best regards loco

All Replies (5)

more options

What security software do you have?

Did you check the security.ssl3 prefs on the about:config page?

Leave the logjam cipher suites disabled.

  • security.ssl3.dhe_rsa_aes_128_sha = false
  • security.ssl3.dhe_rsa_aes_256_sha = false
more options

locotay said

(i can't open the sites in another browser either.)

Maybe it is an issue with a security filter, proxy server, etc., that intercepts requests from your browser. Some of them are not as sophisticated as they should be...

You could try disabling HTTP/2 to see whether that is the issue:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste spdy and pause while the list is filtered

(3) Double-click the network.http.spdy.enabled.http2 preference to switch the value from true to false

Any difference on the problem sites?

more options

hey there.

i'm not that familiar with the about:config page but i tried both of your solutions. sadly it still isn't working. when i disable all secruity.ssl3.* options i can't open the site because it's https wich is relatable. as soon as i switch one of them back to true i get the no cypher error. the spdy approach didn't work out either. i also tried to combine both ways but without a positive result. but thanks for your answers! (:

i may have to talk to the sysadmin again to find a solution.. he wasn't that helpful last time tho. :D

more options

locotay said

when i disable all secruity.ssl3.* options i can't open the site because it's https wich is relatable. as soon as i switch one of them back to true i get the no cypher error.

Sorry, it is best to set all of those preferences to true except the two cor-el mentioned that are good to set to false.

If Firefox and the site cannot agree on a cipher even with all the modern ones enabled, there is an issue with either the site's configuration or an intermediary that can't handle it.

more options

Can you access these websites with another browser like Google Chrome? Then you can check what cipher suite is used.

You can also check the website and check your browser to see if there is a cipher suite that both support.