Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How do I determine the TLS/SSL configuration of Firefox ver 38?

  • 1 reply
  • 34 have this problem
  • 1 view
  • Last reply by cor-el

more options

I got the following message (partially shown) when I tried to connect to a particular website.

Secure Connection Failed An error occurred during a connection to xxxxxx.xxx. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

I tried the MS IE browser and had a similar notice. I checked the security setting on IE, added selections TLS 1.1 and TLS 1.2 and resolved my problem on the IE browser.

So I wanted to check the TLS/SSL settings on Firefox but could not find where they were selected. I thought they used to be under Tools/Options. Where can I go to verify them?

I got the following message (partially shown) when I tried to connect to a particular website. Secure Connection Failed An error occurred during a connection to xxxxxx.xxx. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. I tried the MS IE browser and had a similar notice. I checked the security setting on IE, added selections TLS 1.1 and TLS 1.2 and resolved my problem on the IE browser. So I wanted to check the TLS/SSL settings on Firefox but could not find where they were selected. I thought they used to be under Tools/Options. Where can I go to verify them?

Chosen solution

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).

If this helps then you can contact this website and ask them to look into this and update their security.


Read this answer in context 👍 7

All Replies (1)

more options

Chosen Solution

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the full domain to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).

If this helps then you can contact this website and ask them to look into this and update their security.