Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.
URL to redirect is insecure, so get error instead of redirect to secure web site
When trying to access this URL you get an Error code: SSL_ERROR_NO_CYPHER_OVERLAP https://financialservicesinc.ubs.com/staticfiles/pws/documents/ww-re-direct-31-Jan-2020.html
That above link is a redirect to the real site located at: https://www.ubs.com/us/en/wealth-management/washington-weekly/2020/washington-weekly-31-jan-2020.html
Unfortunately, the first link is trying to make a secure connection with
but that web site does not support a matching cypher suit (hence a secure connection cannot be made). This results in the error.
Check out the security analysis of their website: https://www.ssllabs.com/ssltest/analyze.html?d=financialservicesinc.ubs.com
You can see they only support TLS 1.2 and a limited list of cypher suites that do not match those in Firefox.
Interestingly, https://financialservicesinc.ubs.com is supposed to redirect to https://www.ubs.com/us/en/wealth-management.html but that redirection is not occurring in Firefox. I think Firefox is trying to resolve the security before resolving the domain redirect. I am curious if it is a 302 redirect or some other redirect method.
If an insecure connection could be made to the initial URL the redirect would trigger and you would be redirected to the website with matching ciphers and a secure connection could be obtained. How can you allow an insecure connection just to check/trigger a redirect?
All Replies (3)
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.
SSL_ERROR_NO_CYPHER_OVERLAP Your server apparently doesn't offer any cipher suites necessary to establish a secure https connection that are supported in Firefox. You can check what kind of cipher suites Firefox can make use of by visiting; https://www.ssllabs.com/ssltest/viewMyClient.html
Firefox will just show the SSL_ERROR_NO_CYPHER_OVERLAP error when encountered any site using the RC4 cipher.
I assume that you are out of luck with Firefox if you need to use the link that redirects.
If you need to use the redirect link because it appears on other pages then you can contact the website and points them to this issue. If this is merely about using an older link or bookmark then you shouldn't use the redirect link, but go straight to the ubs.com website.
The link is from an e-mail sent by UBS. The e-mail is sent monthly and links to their most current monthly publication. This means the link is chaning every month. Unfortunately, instead of sending the direct link to the article, they are sending a redirect link. There are many layers of failure here: 1. The link sender could send the direct link, instead of a redirect link. 2. The redirect site could support more security options/cipher suites. 3. Firefox could support more cipher suites.
My user has no control over any of the above. So the end result is my user will change their default browser from Firefox to Chrome because they want the convenience of clicking on the link in the e-mail and it just working, like it does in Chrome.