SSL_ERROR_NO_CYPHER_OVERLAP when visiting archive.is க்கான சமீபத்திய பதில்கள்https://support.mozilla.org/ta/questions/12194962018-05-28T04:15:23-07:00Firefox uses this cipher suite by default.
Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA22018-05-28T04:15:23-07:00cor-elhttps://support.mozilla.org/ta/questions/1219496#answer-1116278<p>Firefox uses this cipher suite by default.
</p><pre>Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2)
</pre>
<p>If I disable this cipher suite then the connection switches to
</p><pre>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
</pre>
<ul><li>Tools -&gt; Page Info -&gt; Security
</li></ul>I called for more help.
2018-05-28T03:13:43-07:00fredmcd-hotmailhttps://support.mozilla.org/ta/questions/1219496#answer-1116245<p>I called for more help.
</p>I have no anti virus software installed.
Results of the SSL labs test
Protocol Support
Your user age2018-05-27T23:01:20-07:00louisoft01https://support.mozilla.org/ta/questions/1219496#answer-1116175<p>I have no anti virus software installed.
</p><p>Results of the SSL labs test
</p><p>Protocol Support
Your user agent has good protocol support.
Your user agent supports TLS 1.2, which is recommended protocol version at the moment.
Experimental: Your user agent supports TLS 1.3.
Logjam Vulnerability
Your user agent is not vulnerable.
For more information about the Logjam attack, please go to <a href="http://weakdh.org" rel="nofollow">weakdh.org</a>.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
FREAK Vulnerability
Your user agent is not vulnerable.
For more information about the FREAK attack, please go to <a href="http://www.freakattack.com" rel="nofollow">www.freakattack.com</a>.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
POODLE Vulnerability
Your user agent is not vulnerable.
For more information about the POODLE attack, please read this blog post.
Protocol Features
Protocols
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
</p><p><br>
Cipher Suites (in order of preference)
TLS_AES_128_GCM_SHA256 (0x1301) Forward Secrecy 128
TLS_CHACHA20_POLY1305_SHA256 (0x1303) Forward Secrecy 256
TLS_AES_256_GCM_SHA384 (0x1302) Forward Secrecy 256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Forward Secrecy 128
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Forward Secrecy 128
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) Forward Secrecy 256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) Forward Secrecy 256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Forward Secrecy 256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Forward Secrecy 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Forward Secrecy 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Forward Secrecy 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK 112
(1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh.
</p><p><br>
Protocol Details
Server Name Indication (SNI) Yes
Secure Renegotiation Yes
TLS compression No
Session tickets Yes
OCSP stapling Yes
Signature algorithms SHA256/ECDSA, SHA384/ECDSA, SHA512/ECDSA, RSA_PSS_SHA256, RSA_PSS_SHA384, RSA_PSS_SHA512, SHA256/RSA, SHA384/RSA, SHA512/RSA, SHA1/ECDSA, SHA1/RSA
Named Groups x25519, secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072
Next Protocol Negotiation No
Application Layer Protocol Negotiation Yes h2 http/1.1
SSL 2 handshake compatibility No
</p><p>Mixed Content Handling
Mixed Content Tests
Images Passive Yes
CSS Active No
Scripts Active No
XMLHttpRequest Active No
WebSockets Active No
Frames Active No
(1) These tests might cause a mixed content warning in your browser. That's expected.
(2) If you see a failed test, try to reload the page. If the error persists, please get in touch.
</p><p>Related Functionality
Upgrade Insecure Requests request header (more info) Yes
</p><p>Thanks for the reply
</p>There is security software like Avast, Kaspersky,
BitDefender and ESET that intercept secure
connect2018-05-27T22:52:14-07:00fredmcd-hotmailhttps://support.mozilla.org/ta/questions/1219496#answer-1116170<p>There is security software like Avast, Kaspersky,
BitDefender and ESET that intercept secure
connections and send their own certificate.
</p><p><a href="https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can" rel="nofollow">https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can</a>
</p><p><a href="https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites" rel="nofollow">https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites</a>
</p><p><a href="https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message" rel="nofollow">https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message</a>
</p><p><a href="https://support.mozilla.org/en-US/kb/connection-untrusted-error-message" rel="nofollow">https://support.mozilla.org/en-US/kb/connection-untrusted-error-message</a>
</p><p><a href="http://kb.mozillazine.org/Error_loading_websites" rel="nofollow">http://kb.mozillazine.org/Error_loading_websites</a>
</p><p><br>
<strong>SSL_ERROR_NO_CYPHER_OVERLAP</strong>
Your server apparently doesn't offer any cipher suites necessary to establish a
secure https connection that are supported in Firefox. You can check what kind
of cipher suites Firefox can make use of by visiting;
<a href="https://www.ssllabs.com/ssltest/viewMyClient.html" rel="nofollow">https://www.ssllabs.com/ssltest/viewMyClient.html</a>
</p>