X
Tap here to go to the mobile version of the site.

Support Forum

This thread was closed and archived. Please ask a new question if you need help.

Error code: ssl_error_no_cypher_overlap when trying with localhost

Posted

I am trying to connect to localhost. I am getting

Secure Connection Failed An error occurred during a connection to localhost. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

What setting should i do to enable the localhost in new version?

I am trying to connect to localhost. I am getting Secure Connection Failed An error occurred during a connection to localhost. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) What setting should i do to enable the localhost in new version?

Additional System Details

Installed Plug-ins

  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • Google Update
  • Shockwave Flash 13.0 r0
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.07
  • Next Generation Java Plug-in 10.13.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • SiteAdvisor
  • iTunes Detector Plug-in
  • 5.1.30214.0
  • BlackBerry WebSL Browser Plug-In
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Office Authorization plug-in for NPAPI browsers

Application

  • Firefox 31.0
  • User Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
  • Support URL: https://support.mozilla.org/1/firefox/31.0/WINNT/en-US/

Extensions

  • colorPicker 2.0 (colorPicker@colorPicker)
  • ColorZilla 2.8 ({6AC85730-7D0F-4de0-B3FA-21142DD85326})
  • Firebug 2.0.2 (firebug@software.joehewitt.com)
  • FireShot 0.98.59 ({0b457cAA-602d-484a-8fe7-c1d894a011ba})
  • RESTClient 2.0.3 ({ad0d925d-88f8-47f1-85ea-8463569e756e})
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • IDS_SS_NAME IDS_SS_VERSION ({D19CA586-DD6C-4a0a-96F8-14644F340D60}) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: Intel(R) HD Graphics
  • adapterDescription2:
  • adapterDeviceID: 0x0046
  • adapterDeviceID2:
  • adapterDrivers: igdumdx32 igd10umd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.1.7601.18245
  • driverDate: 6-10-2011
  • driverDate2:
  • driverVersion: 8.15.10.2418
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • webglRenderer: Google Inc. -- ANGLE (Intel(R) HD Graphics Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Direct3D 10

Modified Preferences

  • accessibility.typeaheadfind.flashBar: 0
  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.disk.smart_size_cached_value: 358400
  • browser.cache.frecency_experiment: 1
  • browser.places.smartBookmarksVersion: 7
  • browser.sessionstore.upgradeBackup.latestBuildID: 20140716183446
  • browser.startup.homepage_override.buildID: 20140716183446
  • browser.startup.homepage_override.mstone: 31.0
  • dom.allow_scripts_to_close_windows: True
  • dom.mozApps.used: True
  • extensions.lastAppVersion: 31.0
  • font.internaluseonly.changed: True
  • gfx.direct3d.last_used_feature_level_idx: 1
  • network.cookie.prefsMigrated: True
  • places.database.lastMaintenance: 1407125862
  • places.history.expiration.transient_current_max_pages: 92009
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • privacy.sanitize.migrateFx3Prefs: True
  • storage.vacuum.last.index: 1
  • storage.vacuum.last.places.sqlite: 1404450784

Misc

  • User JS: No
  • Accessibility: No
cor-el
  • Top 10 Contributor
  • Moderator
17000 solutions 153506 answers

Does it have any effect if you disable libPKIX?

You can test that by disabling libPKIX support in Firefox, but it is not recommended to leave it disabled on the long run for security and vulnerability reasons.

  • about:config page: security.use_mozillapkix_verification = false

Did this work in previous Firefox versions? If that is the case then in what version did this work?

Every now and then some cipher suits that are weak and vulnerable are removed, so it is possible that your server software needs an update to support stronger cipher suits.

Does it have any effect if you disable libPKIX? You can test that by disabling libPKIX support in Firefox, but it is not recommended to leave it disabled on the long run for security and vulnerability reasons. *<b>about:config</b> page: security.use_mozillapkix_verification = false ----- Did this work in previous Firefox versions? If that is the case then in what version did this work? Every now and then some cipher suits that are weak and vulnerable are removed, so it is possible that your server software needs an update to support stronger cipher suits.

Question owner

In the previous versions, when i used to change security.ssl3.rsa_rc4_128_md5 property to true, localhost would work. However i dont remember in which version did it work. In 29.0 version, i do not see the above said configuration. Same localhost works when i start tomcat server and hit an HTTP url but doesnt work for the HTTPS url.

In the previous versions, when i used to change security.ssl3.rsa_rc4_128_md5 property to true, localhost would work. However i dont remember in which version did it work. In 29.0 version, i do not see the above said configuration. Same localhost works when i start tomcat server and hit an HTTP url but doesnt work for the HTTPS url.

Helpful Reply

Any Luck? I am still struggling. about:config page: security.use_mozillapkix_verification = false also did not have any effect. I guess Firefox version 15 or 16 worked with md5 change.

Any Luck? I am still struggling. about:config page: security.use_mozillapkix_verification = false also did not have any effect. I guess Firefox version 15 or 16 worked with md5 change.
cor-el
  • Top 10 Contributor
  • Moderator
17000 solutions 153506 answers

The security.ssl3.rsa_rc4_128_md5 is still present on the about:config page, so it is still supported. You can try to disable (toggle to false) all security.ssl3.* prefs and enable one at the time to see if it works with one of the other cipher suits.

If you can get it to work that way then enable more of the cipher suits until it stop. You need to clear the "Active Logins" via "History > Clear Recent History" after every change from true to false (false to true is probably OK).

The security.ssl3.rsa_rc4_128_md5 is still present on the <b>about:config</b> page, so it is still supported. You can try to disable (toggle to false) all security.ssl3.* prefs and enable one at the time to see if it works with one of the other cipher suits. If you can get it to work that way then enable more of the cipher suits until it stop. You need to clear the "Active Logins" via "History > Clear Recent History" after every change from true to false (false to true is probably OK). *https://support.mozilla.org/kb/remove-recent-browsing-search-and-download-history

Modified by cor-el

Biscuit1001 0 solutions 4 answers

Helpful Reply

Disabling/toggling all security.ssl3.* (that were true) blocks ALL SSL connections, including this page/site, Google, and my own server where I just disabled SSLv3 due to a security issue.

Meanwhile, as much as this pains me to point out, Chrome has no problem connecting to any of the above...

Disabling/toggling all security.ssl3.* (that were true) blocks ALL SSL connections, including this page/site, Google, and my own server where I just disabled SSLv3 due to a security issue. Meanwhile, as much as this pains me to point out, Chrome has no problem connecting to any of the above...
Noah_SUMO
  • Moderator
98 solutions 606 answers

This is not the proper thread to discuss the new SSL 3.0 exploit. This thread is from August. And the answer provided by cor-el was not prepared specifically for this exploit just revealed by Google on October 14th.

Please ask a new question to have this properly answered. Locking this old thread to avoid further confusion.


For anyone worried about the SSL 3.0 exploit, please install this addon: https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/

Or change the about:config preference security.tls.version.min from 0 (sslv3) to 1 (tls 1.0).

And read: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

This is not the proper thread to discuss the new SSL 3.0 exploit. This thread is from '''August'''. And the answer provided by cor-el was <u>not</u> prepared specifically for this exploit just revealed by Google on <u>October 14th</u>. Please ask a new question to have this properly answered. Locking this old thread to avoid further confusion. ---- For anyone worried about the SSL 3.0 exploit, please install this addon: https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/ Or change the about:config preference '''security.tls.version.min''' from 0 (sslv3) to 1 (tls 1.0). And read: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

Modified by Noah_SUMO