This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSL_ERROR_NO_CYPHER_OVERLAP for google with latest FF update

  • 6
  • 2
  • 2 views
  • Nzaghachi ikpeazụ nke cor-el

more options

Prior to the latest update of FF = 54.0.1 (32-bit) was able to access https://www.google.com/advanced_search?hl=en now get Secure Connection Failed with Error code: SSL_ERROR_NO_CYPHER_OVERLAP There is no advanced option to over ride or accept the risk. I already searched this site and it said to update to the latest version which is what caused this problem.

Prior to the latest update of FF = 54.0.1 (32-bit) was able to access https://www.google.com/advanced_search?hl=en now get Secure Connection Failed with Error code: SSL_ERROR_NO_CYPHER_OVERLAP There is no advanced option to over ride or accept the risk. I already searched this site and it said to update to the latest version which is what caused this problem.

All Replies (6)

more options

The cypher is the mathematical method the browser and the site agree to use to secure the connection. You can't make an exception to an inability to do the same math on both sides.

Obviously it shouldn't be a problem with Google.

Some users modify the ciphers that Firefox uses. Let's double-check your settings and make sure they aren't disabled:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste SSL3 and pause while the list is filtered

Firefox should display about 15 lines starting with security.ssl3

(3) If any of the preferences is bolded and "user set" to false, double-click it to restore the default value of true

Exception: You can block these two to improve your security:

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

If all the settings are good, perhaps it's a problem with Bitdefender. If you are allowing Bitdefender to intercept your secure connections, try disabling that temporarily. More info in this article: How to troubleshoot security error codes on secure websites.

more options

Thanks jscher2000

All 15 entries were there and set to true. I performed your recommendation to set to false the 2 items you listed. However same result only this time it indicated "It looks like your network security settings might be causing this. Do you want the default settings to be restored?" So it reverted the 2 items to true and still did not work. Also same results for simply https://www.google.com/ with no ability to add an exception

Since this happened I also ran a complete scan and vulnerability check with Bit Defender and no change to the results.

more options

By the way https://southwest.com/ & https://mail.aol.com/ also says Your connection is not secure but in that case FF allowed me to add an exception. Not so in the google case.

more options

You should never need to make exceptions for well-run sites. But it would be interesting to check the certificates for those sites to see whether the intermediary responsible for the fake certificates is identified there.

While you're on Southwest, could you check the certificate as follows. Call up the Certificate Viewer through the Page Info dialog, Security panel:

  • right-click (on Mac Ctrl+click) a blank area of the page and choose View Page Info > Security > "View Certificate"
  • (menu bar) Tools > Page Info > Security > "View Certificate"
  • click the padlock or "i" icon in the address bar, then the ">" button, then More Information, and finally the "View Certificate" button

Does the issuer and the Certificate Hierarchy match the attached image?

more options

No, It does not match what you posted. Not sure if it matters but this is happening on a Windows 7 PC with all the current required updates as of last evening.

more options

As you can see in the screenshot, these certificates are issued by Bitdender.

See this article about Bitdefender:


Note that the System Details list shows you have multiple Flash plugins.

  • Shockwave Flash 26.0 r0
  • Shockwave Flash 13.0 r0

You can find the installation path of all plugins on the about:plugins page.

You can check the Flash player installation folder for multiple Flash player plugins and remove older version(s) of the plugin (NPSWF32) and possibly (re)install the latest Flash player.

  • (32 bit Windows) C:\Windows\System32\Macromed\Flash\
  • (64 bit Windows) C:\Windows\SysWOW64\Macromed\Flash\