why won't certain websites open?
Just in the last few days some major websites have not been opening - Google, BT Yahoo, and Facebook, yet some lesser known ones which I use are working well. The following message appears after a prolonged period (10-20 seconds) :
"Secure Connection Failed
An error occurred during a connection to www.google.com. Cannot communicate securely with peer: no common encryption algorithm(s).
Error code: ssl_error_no_cypher_overlap"
Due to the fact that Google is one of the problematic sites I can't even Google it, although when I ask a friend to do so, the results seem to point to a problem within Firefox. I am unsure if this is correct, as IE is also problematic with these sites too. I have scanned my PC for viruses and it appears to be clean. My ISP has checked and they can see no problems with the network. I can also ping external sites, as well as the router itself. I don't seem to recall these issues until the latest update was installed, although that might be coincidence.
Any help will be gratefully received.
所有回覆 (12)
By default, Firefox will try the most secure protocol (TLS 1.2) and progressively drop down to older and more vulnerable ones (all the way back to SSL 3.0). If these settings have been changed, some sites might not connect.
Can you check the SSL levels Firefox is set to use? Here's how:
(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste tls and pause while the list is filtered
(3) If the following preferences are bolded and indicate "user set", make a note of what they are. Then use right-click > Reset to restore their default values and try the sites again.
security.tls.version.min (usually 0) security.tls.version.max (usually 3)
Any difference?
Or, since this affects multiple browsers, you may have installed some security software or malware that is intercepting your secure connections (man-in-the-middle) and then doing a very poor job covering its tracks.
Could you check your Windows Control Panel, Uninstall a Program, for any recent additions that you are not 100% sure are trustworthy? I suggest clicking the "Installed on" column heading to group by date. Often unwanted programs will sneak in as part of a bundle with free software.
Our malware support article lists some scanning/cleaning tools you also could try. Here's a Google cache link to them on a non-secure address: Troubleshoot Firefox issues caused by malware (cached 5/31/2014).
You can check the connection settings.
- Tools > Options > Advanced > Network : Connection > Settings
- https://support.mozilla.org/kb/Options+window+-+Advanced+panel
If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.
See "Firefox connection settings":
Checked these over and they are as you have suggested.
I got this error on one website ONLY. It's a state, and it's another agency website. When I wrote to the person in that department, she told me to try again and use any browser except IE. I followed your suggestion and reset the bold setting, which is now on 0.
It now works fine. Do I tell this mid-Atlantic state that their website is not very secure or is this an acceptable fix?
Thank you.
Hi CiaoBella1, if you changed the "max" to 0, that's not a good idea because it means that for all websites, Firefox will use the weakest available level of encryption.
But maybe you didn't do that, because this site will give you an error with "max" set to 0 ("ssl_error_no_cypher_overlap" because it no longer allows SSL v3).
What did you change, exactly?
Hi CiaoBella1, if you changed the "min" to its current default of 0, that may change back to 1 in Firefox 34. The reason is to avoid the POODLE attack, which you can read about online.
If the State site is crucial to your work, I guess you don't have a choice, but if you don't mind telling them you're unhappy making your browser less secure in order to use their site, maybe it will help.
Mr Scher - you never rest!
I entered tls and whatever was bold - I did NOT write it down (stupidly), but i think there were five and it was in the middle, I reset.
I changed it from 1 to 0 and my newest FF version is 33.1.1 (today). I definitely don't want leave myself vulnerable.
I needed it, but I checked it out. I would much rather be safe.
The person who contacted me was purchasing, not the webmaster. I sent her the error message twice after she told me again to login. I will not take "no" for an answer this time.
I am logging off - hopefully for a few days, so I'll wait before I change anything back. I do not want to make myself more vulnerable.
Thank you - you are terrific~ Happy Thanksgiving!
JScher,
I changed min, not max. I changed it back it 1 and it's bold again. I think I am okay, but you will let me know, I am sure.
Glad I checked - thank you.
If you need to connect to servers that only work with SSL3 then you can consider this extension.
- SSL Version Control: https://addons.mozilla.org/firefox/addon/ssl-version-control/
See also:
0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, 3 means TLS 1.2 etc.
Since the mid to late 90s, this is the first time this ever happened.
Thank you Cor-el.
Separate Issue; Update your Flash Player v15.0.0. 239 http://get.adobe.com/flashplayer/