Join the Mozilla’s Test Days event from Dec 2–8 to test the new Firefox address bar on Firefox Beta 134 and get a chance to win Mozilla swag vouchers! 🎁

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

URL to redirect is insecure, so get error instead of redirect to secure web site

  • 3 답장
  • 1 이 문제를 만남
  • 6 보기
  • 최종 답변자: GP

more options

When trying to access this URL you get an Error code: SSL_ERROR_NO_CYPHER_OVERLAP https://financialservicesinc.ubs.com/staticfiles/pws/documents/ww-re-direct-31-Jan-2020.html

That above link is a redirect to the real site located at: https://www.ubs.com/us/en/wealth-management/washington-weekly/2020/washington-weekly-31-jan-2020.html

Unfortunately, the first link is trying to make a secure connection with

https://financialservicesinc.ubs.com

but that web site does not support a matching cypher suit (hence a secure connection cannot be made). This results in the error.

Check out the security analysis of their website: https://www.ssllabs.com/ssltest/analyze.html?d=financialservicesinc.ubs.com

You can see they only support TLS 1.2 and a limited list of cypher suites that do not match those in Firefox.

Interestingly, https://financialservicesinc.ubs.com is supposed to redirect to https://www.ubs.com/us/en/wealth-management.html but that redirection is not occurring in Firefox. I think Firefox is trying to resolve the security before resolving the domain redirect. I am curious if it is a 302 redirect or some other redirect method.

If an insecure connection could be made to the initial URL the redirect would trigger and you would be redirected to the website with matching ciphers and a secure connection could be obtained. How can you allow an insecure connection just to check/trigger a redirect?

When trying to access this URL you get an Error code: SSL_ERROR_NO_CYPHER_OVERLAP https://financialservicesinc.ubs.com/staticfiles/pws/documents/ww-re-direct-31-Jan-2020.html That above link is a redirect to the real site located at: https://www.ubs.com/us/en/wealth-management/washington-weekly/2020/washington-weekly-31-jan-2020.html Unfortunately, the first link is trying to make a secure connection with https://financialservicesinc.ubs.com but that web site does not support a matching cypher suit (hence a secure connection cannot be made). This results in the error. Check out the security analysis of their website: https://www.ssllabs.com/ssltest/analyze.html?d=financialservicesinc.ubs.com You can see they only support TLS 1.2 and a limited list of cypher suites that do not match those in Firefox. Interestingly, https://financialservicesinc.ubs.com is supposed to redirect to https://www.ubs.com/us/en/wealth-management.html but that redirection is not occurring in Firefox. I think Firefox is trying to resolve the security before resolving the domain redirect. I am curious if it is a 302 redirect or some other redirect method. If an insecure connection could be made to the initial URL the redirect would trigger and you would be redirected to the website with matching ciphers and a secure connection could be obtained. How can you allow an insecure connection just to check/trigger a redirect?

모든 댓글 (3)

more options

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

What do the security warning codes mean



SSL_ERROR_NO_CYPHER_OVERLAP Your server apparently doesn't offer any cipher suites necessary to establish a secure https connection that are supported in Firefox. You can check what kind of cipher suites Firefox can make use of by visiting; https://www.ssllabs.com/ssltest/viewMyClient.html

Firefox will just show the SSL_ERROR_NO_CYPHER_OVERLAP error when encountered any site using the RC4 cipher.

more options

I assume that you are out of luck with Firefox if you need to use the link that redirects.

If you need to use the redirect link because it appears on other pages then you can contact the website and points them to this issue. If this is merely about using an older link or bookmark then you shouldn't use the redirect link, but go straight to the ubs.com website.

more options

The link is from an e-mail sent by UBS. The e-mail is sent monthly and links to their most current monthly publication. This means the link is chaning every month. Unfortunately, instead of sending the direct link to the article, they are sending a redirect link. There are many layers of failure here: 1. The link sender could send the direct link, instead of a redirect link. 2. The redirect site could support more security options/cipher suites. 3. Firefox could support more cipher suites.

My user has no control over any of the above. So the end result is my user will change their default browser from Firefox to Chrome because they want the convenience of clicking on the link in the e-mail and it just working, like it does in Chrome.