Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSLv3 error message on site with TLSv1. Version 34.0 security settings at default.

  • 5 replies
  • 9 have this problem
  • 2 views
  • Last reply by guigs

more options

Trying to utilize online billpay feature of T-Mobile site. Generates ssl_error_no_cypher_overlap. Talked to T-Mobile. They claim site has TLSv1 enabled. Config TLS settings are left at default (fallback limit 1, min 1, max 3).

Firefox v34.0, OS Win7 64-bit

Thanks in advance for any help you may offer.

Susan

Trying to utilize online billpay feature of T-Mobile site. Generates ssl_error_no_cypher_overlap. Talked to T-Mobile. They claim site has TLSv1 enabled. Config TLS settings are left at default (fallback limit 1, min 1, max 3). Firefox v34.0, OS Win7 64-bit Thanks in advance for any help you may offer. Susan

Chosen solution

You can check the server to be sure what is supported:

Can you post a link to that server?

Read this answer in context 👍 1

All Replies (5)

more options

This should be disabled in FIrefox by default, unless there were changes made. This can be checked in the about:config or it may be easier to Reset Firefox to its defaults. However this will remove all add ons and changed data.

Reset Firefox preferences to troubleshoot and fix problems To reset just the tls and ssl preferences refer to : https://support.mozilla.org/en-US/que.../952242

However because of a previous Poodle security exploit, this is probably where we are running into issues. This might also depend on the type of ssl3 encryption. Some are disabled, like rsa camelia 256 etc, but unlikely.

It is recommended to uninstall Firefox and reinstall with a back up of the profile. In order to create a back up, follow these instructions: Back up and restore information in Firefox profiles

more options

Thank you very much for your response. Unfortunately I honestly didn't understand your statement:

"This should be disabled in FIrefox by default, unless there were changes made. This can be checked in the about:config or it may be easier to Reset Firefox to its defaults."

I don't know what you meant by "this" should be disabled.....what "this" are you referring to? SSLv3 or TLSv1? Whatever, I stated both in the subject line and in the message text that Firefox v34.0 security settings are at default.

Anyway, I solved my problem.....but not with Firefox. I'm still running IE on one of my other computers (IE has SSLv3 disabled) so I used that one to access the T-Mobile page that I needed.

BTW, that was the ONLY site I had problems with using Firefox v34. So far It has been behaving quite well with other secure financial-transaction sites.... and with Christmastime approaching I'm having to use a LOT of those  :-).

Thank you again. This is really a nice site. And it speaks well for Firefox that in all the time I've used it, this was the first time I've needed help.

Susan

more options

Chosen Solution

You can check the server to be sure what is supported:

Can you post a link to that server?

more options

Thank you also, core-el.

I marked your response indicating that it solved my problem, just to close this thread.

I had tested that server earlier myself (SSLv2 is disabled, SSLv3 is enabled, TLSv1 is enabled).

Whatever, as I stated in my second message, I could access what I needed using one of my computers that's still running IE . The current IE version (like Firefox) has SSLv3 disabled and TLSv1 enabled by default. I don't know why IE could get in there OK, but not Firefox. But anyway, the problem is solved and I've never had another problem with Firefox so I'm not going to worry about it anymore.

Again, thank you both, guigs2 and cor-el, for your assistance.

Susan

more options

I reread the guidelines to this as well, still a new subject. For future questions these are the posted guidelines for TLS in Firefox after the Poodle security exploitation.