Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

SSL_ERROR_NO_CYPHER_OVERLAP when going to amtrak.com

  • 9 uphendule
  • 3 zinale nkinga
  • 16 views
  • Igcine ukuphendulwa ngu goodguy00

more options

On multiple versions of Firefox ESR, I cannot successfully load amtrak.com. I do have a proxy inline, but all other browsers work just fine. I get the SSL_ERROR_NO_CYPHER_OVERLAP only when using Firefox. I did some searches online and found other people also had this error when trying to reach amtrak.com but didn't see any fixes. Anyone have any solutions?

On multiple versions of Firefox ESR, I cannot successfully load amtrak.com. I do have a proxy inline, but all other browsers work just fine. I get the SSL_ERROR_NO_CYPHER_OVERLAP only when using Firefox. I did some searches online and found other people also had this error when trying to reach amtrak.com but didn't see any fixes. Anyone have any solutions?

All Replies (9)

more options

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites

What do the security warning codes mean


SSL_ERROR_NO_CYPHER_OVERLAP Your server apparently doesn't offer any cipher suites necessary to establish a secure https connection that are supported in Firefox. You can check what kind of cipher suites Firefox can make use of by visiting; https://www.ssllabs.com/ssltest/viewMyClient.html

Firefox will just show the SSL_ERROR_NO_CYPHER_OVERLAP error when encountered any site using the RC4 cipher.

more options

You can check the server.

You can check your browser to see if there is a cipher suites available in Firefox that is supported by the server.

more options

Does anyone else experience this problem with amtrak.com? I reported it to them, but haven't heard back.

more options

On the test page you can see that this server only supports one acceptable cipher suite.

Firefox uses for me this preferred cipher suite as listed in "Tools -> Page Info -> Security":

  • Connection Encrypted (TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 256 bit keys, TLS 1.2)

If you have security software or other software/connection that acts as a man-in-the-middle but doesn't support this cipher suite then you have a problem.

more options

xstuartbarrettx said

On multiple versions of Firefox ESR, I cannot successfully load amtrak.com. I do have a proxy inline, but all other browsers work just fine. I get the SSL_ERROR_NO_CYPHER_OVERLAP only when using Firefox. I did some searches online and found other people also had this error when trying to reach amtrak.com but didn't see any fixes. Anyone have any solutions?
more options

You can check your browser to see what cipher suites are supported and compare that with what the server supports.

If you use a proxy that possibly builds its own certificate chain then things might be different and the possibility of a cipher overlap error might be bigger especially in cases like this with a server that supports a limited set of cipher suites.

more options

what about other very public sites like: https://www.saccourt.ca.gov/

in FF71.0 it gives SSL_ERROR_NO_CYPHER_OVERLAP but in Chromium78.0.3904.97 it's fine. security is fine, but if you start blocking out public websites ... i mean, please, give the users at least some means at hand to bypass this nonsense.

Okulungisiwe ngu goodguy00

more options

goodguy002 said

what about other very public sites like: https://www.saccourt.ca.gov/

Looking good in Firefox 71 on Windows (see attached).

Do you browse through any intermediary ("man in the middle") such as a proxy server, security software web filter, parental control filter, or spyware?

Or have you modified any settings related to secure connections?

Could you try:

New Profile Test

This takes about 3 minutes, plus the time to test your problem site(s).

Inside Firefox, type or paste about:profiles in the address bar and press Enter/Return to load it.

Click the "Create a New Profile" button, then click Next. Assign a name like Dec2019, ignore the option to relocate the profile folder, and click the Finish button.

After creating the profile, scroll down to it and click the Launch profile in new browser button.

Firefox should open a new window that looks like a brand new, uncustomized installation. (Your existing Firefox window(s) should not be affected.) Please ignore any tabs enticing you to connect to a Sync account or to activate extensions found on your system so we can get a clean test.

Do the problem site(s) work any better in the new profile?

When you are done with the experiment, you can close the extra window without affecting your regular Firefox profile. (Dec2019 will remain available for future testing.)

Note: if this test changed your default profile, use the Set as Default Profile button for your regular profile to set it back to normal.

more options

thank you for your reply. yes, i did create a new profile. no security settings changed, no add-ons. same result. 5.3.15-200.fc30.x86_64 (fedora30), several installations (laptop, desktop) path to internet over official router by upc.