SSL_ERROR_NO_CYPHER_OVERLAP for google with latest FF update
Prior to the latest update of FF = 54.0.1 (32-bit) was able to access https://www.google.com/advanced_search?hl=en now get Secure Connection Failed with Error code: SSL_ERROR_NO_CYPHER_OVERLAP There is no advanced option to over ride or accept the risk. I already searched this site and it said to update to the latest version which is what caused this problem.
Всички отговори (6)
The cypher is the mathematical method the browser and the site agree to use to secure the connection. You can't make an exception to an inability to do the same math on both sides.
Obviously it shouldn't be a problem with Google.
Some users modify the ciphers that Firefox uses. Let's double-check your settings and make sure they aren't disabled:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste SSL3 and pause while the list is filtered
Firefox should display about 15 lines starting with security.ssl3
(3) If any of the preferences is bolded and "user set" to false, double-click it to restore the default value of true
Exception: You can block these two to improve your security:
- security.ssl3.dhe_rsa_aes_128_sha
- security.ssl3.dhe_rsa_aes_256_sha
If all the settings are good, perhaps it's a problem with Bitdefender. If you are allowing Bitdefender to intercept your secure connections, try disabling that temporarily. More info in this article: How to troubleshoot security error codes on secure websites.
Thanks jscher2000
All 15 entries were there and set to true. I performed your recommendation to set to false the 2 items you listed. However same result only this time it indicated "It looks like your network security settings might be causing this. Do you want the default settings to be restored?" So it reverted the 2 items to true and still did not work. Also same results for simply https://www.google.com/ with no ability to add an exception
Since this happened I also ran a complete scan and vulnerability check with Bit Defender and no change to the results.
By the way https://southwest.com/ & https://mail.aol.com/ also says Your connection is not secure but in that case FF allowed me to add an exception. Not so in the google case.
You should never need to make exceptions for well-run sites. But it would be interesting to check the certificates for those sites to see whether the intermediary responsible for the fake certificates is identified there.
While you're on Southwest, could you check the certificate as follows. Call up the Certificate Viewer through the Page Info dialog, Security panel:
- right-click (on Mac Ctrl+click) a blank area of the page and choose View Page Info > Security > "View Certificate"
- (menu bar) Tools > Page Info > Security > "View Certificate"
- click the padlock or "i" icon in the address bar, then the ">" button, then More Information, and finally the "View Certificate" button
Does the issuer and the Certificate Hierarchy match the attached image?
No, It does not match what you posted. Not sure if it matters but this is happening on a Windows 7 PC with all the current required updates as of last evening.
As you can see in the screenshot, these certificates are issued by Bitdender.
See this article about Bitdefender:
Note that the System Details list shows you have multiple Flash plugins.
- Shockwave Flash 26.0 r0
- Shockwave Flash 13.0 r0
You can find the installation path of all plugins on the about:plugins page.
You can check the Flash player installation folder for multiple Flash player plugins and remove older version(s) of the plugin (NPSWF32) and possibly (re)install the latest Flash player.
- (32 bit Windows) C:\Windows\System32\Macromed\Flash\
- (64 bit Windows) C:\Windows\SysWOW64\Macromed\Flash\