X
Tap here to go to the mobile version of the site.

Support Forum

How do I determine the TLS/SSL configuration of Firefox ver 38?

Posted

I got the following message (partially shown) when I tried to connect to a particular website.

Secure Connection Failed An error occurred during a connection to xxxxxx.xxx. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

I tried the MS IE browser and had a similar notice. I checked the security setting on IE, added selections TLS 1.1 and TLS 1.2 and resolved my problem on the IE browser.

So I wanted to check the TLS/SSL settings on Firefox but could not find where they were selected. I thought they used to be under Tools/Options. Where can I go to verify them?

I got the following message (partially shown) when I tried to connect to a particular website. Secure Connection Failed An error occurred during a connection to xxxxxx.xxx. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. I tried the MS IE browser and had a similar notice. I checked the security setting on IE, added selections TLS 1.1 and TLS 1.2 and resolved my problem on the IE browser. So I wanted to check the TLS/SSL settings on Firefox but could not find where they were selected. I thought they used to be under Tools/Options. Where can I go to verify them?

Chosen solution

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).

If this helps then you can contact this website and ask them to look into this and update their security.


Read this answer in context 7

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 10.1.14
  • Version 5.41.2.0
  • Google Update
  • Google Updater pluginhttp://pack.google.com/
  • HP Active Check Plugin
  • HP Pit Plugin
  • HP Product Detection Plugin
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 10.65.2 for Mozilla browsers
  • Shockwave Flash 17.0 r0
  • Adobe Shockwave for Director Netscape plug-in, version 12.1.3.153
  • Windows Presentation Foundation (WPF) plug-in for Mozilla browsers
  • Zylom Plugin
  • iTunes Detector Plug-in

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.0; rv:38.0) Gecko/20100101 Firefox/38.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
17680 solutions 159921 answers

Chosen Solution

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).

If this helps then you can contact this website and ask them to look into this and update their security.


Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)? The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite. You can open the <b>about:config</b> page via the location/address bar and use its search bar to locate this pref: *security.tls.insecure_fallback_hosts You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com). If this helps then you can contact this website and ask them to look into this and update their security. ---- *https://developer.mozilla.org/en-US/Firefox/Releases/36/Site_Compatibility#Security *https://developer.mozilla.org/en-US/Firefox/Releases/37/Site_Compatibility#Security *https://developer.mozilla.org/en-US/Firefox/Releases/38/Site_Compatibility#Security