How do I determine the TLS/SSL configuration of Firefox ver 38?
I got the following message (partially shown) when I tried to connect to a particular website.
Secure Connection Failed An error occurred during a connection to xxxxxx.xxx. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
I tried the MS IE browser and had a similar notice. I checked the security setting on IE, added selections TLS 1.1 and TLS 1.2 and resolved my problem on the IE browser.
So I wanted to check the TLS/SSL settings on Firefox but could not find where they were selected. I thought they used to be under Tools/Options. Where can I go to verify them?
Asịsa ahọpụtara
Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?
The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
- security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).
If this helps then you can contact this website and ask them to look into this and update their security.
- https://developer.mozilla.org/en-US/Firefox/Releases/36/Site_Compatibility#Security
- https://developer.mozilla.org/en-US/Firefox/Releases/37/Site_Compatibility#Security
- https://developer.mozilla.org/en-US/Firefox/Releases/38/Site_Compatibility#Security
All Replies (1)
Asịsa Ahọpụtara
Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?
The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
- security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).
If this helps then you can contact this website and ask them to look into this and update their security.