Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSL_ERROR_NO_CYPHER_OVERLAP when visiting archive.is

  • 4 replies
  • 2 have this problem
  • 2274 views
  • آخر ردّ كتبه cor-el

more options

I get this error message when visiting archive.is and archive.fo

Chosen solution

Firefox uses this cipher suite by default.

Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2)

If I disable this cipher suite then the connection switches to

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • Tools -> Page Info -> Security
Read this answer in context 👍 0

All Replies (4)

more options

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

http://kb.mozillazine.org/Error_loading_websites


SSL_ERROR_NO_CYPHER_OVERLAP Your server apparently doesn't offer any cipher suites necessary to establish a secure https connection that are supported in Firefox. You can check what kind of cipher suites Firefox can make use of by visiting; https://www.ssllabs.com/ssltest/viewMyClient.html

more options

I have no anti virus software installed.

Results of the SSL labs test

Protocol Support Your user agent has good protocol support. Your user agent supports TLS 1.2, which is recommended protocol version at the moment. Experimental: Your user agent supports TLS 1.3. Logjam Vulnerability Your user agent is not vulnerable. For more information about the Logjam attack, please go to weakdh.org. To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site. FREAK Vulnerability Your user agent is not vulnerable. For more information about the FREAK attack, please go to www.freakattack.com. To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site. POODLE Vulnerability Your user agent is not vulnerable. For more information about the POODLE attack, please read this blog post. Protocol Features Protocols TLS 1.3 Yes TLS 1.2 Yes TLS 1.1 Yes TLS 1.0 Yes SSL 3 No SSL 2 No


Cipher Suites (in order of preference) TLS_AES_128_GCM_SHA256 (0x1301) Forward Secrecy 128 TLS_CHACHA20_POLY1305_SHA256 (0x1303) Forward Secrecy 256 TLS_AES_256_GCM_SHA384 (0x1302) Forward Secrecy 256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Forward Secrecy 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Forward Secrecy 128 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) Forward Secrecy 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) Forward Secrecy 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Forward Secrecy 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Forward Secrecy 256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Forward Secrecy 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Forward Secrecy 256 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK 112 (1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh.


Protocol Details Server Name Indication (SNI) Yes Secure Renegotiation Yes TLS compression No Session tickets Yes OCSP stapling Yes Signature algorithms SHA256/ECDSA, SHA384/ECDSA, SHA512/ECDSA, RSA_PSS_SHA256, RSA_PSS_SHA384, RSA_PSS_SHA512, SHA256/RSA, SHA384/RSA, SHA512/RSA, SHA1/ECDSA, SHA1/RSA Named Groups x25519, secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072 Next Protocol Negotiation No Application Layer Protocol Negotiation Yes h2 http/1.1 SSL 2 handshake compatibility No

Mixed Content Handling Mixed Content Tests Images Passive Yes CSS Active No Scripts Active No XMLHttpRequest Active No WebSockets Active No Frames Active No (1) These tests might cause a mixed content warning in your browser. That's expected. (2) If you see a failed test, try to reload the page. If the error persists, please get in touch.

Related Functionality Upgrade Insecure Requests request header (more info) Yes

Thanks for the reply

more options

I called for more help.

more options

Chosen Solution

Firefox uses this cipher suite by default.

Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2)

If I disable this cipher suite then the connection switches to

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • Tools -> Page Info -> Security