Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

ssl-session protocol and cipher : handshake failure

  • 1 reply
  • 3 have this problem
  • 2 views
  • Last reply by Dan33l

more options

Hi,

I modified a settings on my printer about security access. Then i am locked out. I get this message when i try to use the admin webpage : "Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP"

Some details bellow , hope it will help :

openssl s_client -connect xx.xx.xx.xx:443 -showcerts CONNECTED(00000003) depth=0 C = GB, CN = KM4CA1E7 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = GB, CN = KM4CA1E7 verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain

0 s:/C=GB/CN=KM4CA1E7
  i:/C=GB/CN=KM4CA1E7

BEGIN CERTIFICATE-----

MIICJzCCAZCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAgMQswCQYDVQQGEwJHQjER MA8GA1UEAwwIS000Q0ExRTcwHhcNMTcwNDExMTAwMDU1WhcNMjIwNDExMTAwMDU1 WjAgMQswCQYDVQQGEwJHQjERMA8GA1UEAwwIS000Q0ExRTcwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALax4qd3TTxiivLHc1oC2xWTw3aRTV1TTxb4tjaMz+Xg 5BMQWn+cCK0EmpUJbkhZAksudGX6juyKX2lYZBBJ39p56LE9B5t8hSnAg0LAXCTT VpAONBKoU7pwTgkCq6LXUKvtccB6941WhYB3Bh5iLOyhVO0jI2nbh4XjwzIcTBD/ AgMBAAGjcTBvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW BBQEckM2nQx5aXSZ+TtHUoX43UEgsTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwEQYJYIZIAYb4QgEBBAQDAgbAMA0GCSqGSIb3DQEBCwUAA4GBAEVOyueU xu2wpxCs4h7kNXc50HKY+GOQtvuAWaAeSnjNivWVmXKljsu4aSYuwZwhvuey5IQX r5CUpWug/fBEvwb8CCravmIugKvv7xOunCUPf3WGkFAz/P/clea6eFQ01mz1eONO lLjjjpJHqhnTb60d6pTjK+Iq0QUJifNhHHq/


END CERTIFICATE-----

--- Server certificate subject=/C=GB/CN=KM4CA1E7 issuer=/C=GB/CN=KM4CA1E7 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1137 bytes and written 487 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session:

   Protocol  : TLSv1.2
   Cipher    : ECDHE-RSA-AES256-SHA384
   Session-ID: 81AC9E655A2B295AEF81080B0FBDF5A57F889FF9714EF2CC0FEB57D8FC7C64C1
   Session-ID-ctx: 
   Master-Key: 0C9717689368440A8E5DC97062096C529C69716955C4A497C39F68496312E05E7FFBDEC09960E7997810B6C96C52EA5F
   Key-Arg   : None
   PSK identity: None
   PSK identity hint: None
   SRP username: None
   TLS session ticket lifetime hint: 300 (seconds)
   TLS session ticket:
   0000 - 28 a3 58 c7 20 42 c6 6b-ac 58 c2 48 5d 52 b9 ab   (.X. B.k.X.H]R..
   0010 - 11 78 d6 cc 86 6e 3d 6a-cb 9f aa 64 ff 69 2c f0   .x...n=j...d.i,.
   0020 - 33 f3 c3 42 40 9c d1 d3-77 71 c5 d8 db b8 c6 35   3..B@...wq.....5
   0030 - 5a 66 a8 79 28 c8 ce 79-b6 94 1a 8c a6 a5 f9 8f   Zf.y(..y........
   0040 - 4b 2c 9a 72 cf 2d e8 63-4c 83 87 ea b3 4c ef 1e   K,.r.-.cL....L..
   0050 - 24 ec 88 f1 44 1b 4e 90-d1 45 49 4c 2a 59 f0 a7   $...D.N..EIL*Y..
   0060 - 5a 49 a6 8e 15 b5 d9 d2-1c cf 79 aa ba 58 60 f7   ZI........y..X`.
   0070 - a8 a5 a0 65 ee 29 ee 28-fa d1 67 d8 f5 f5 e2 a7   ...e.).(..g.....
   0080 - 5a ec 79 7e 6d 78 ac 15-8c 68 09 12 d8 43 2c 54   Z.y~mx...h...C,T
   0090 - a7 12 23 21 55 12 2e 54-88 27 7b 82 dd 61 7e d2   ..#!U..T.'{..a~.
   Start Time: 1502096691
   Timeout   : 300 (sec)
   Verify return code: 21 (unable to verify the first certificate)

--- HTTP/1.1 408 Request Time-Out Connection: Close Accept-Encoding: identity

read:errno=0

Hi, I modified a settings on my printer about security access. Then i am locked out. I get this message when i try to use the admin webpage : "Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP" Some details bellow , hope it will help : openssl s_client -connect xx.xx.xx.xx:443 -showcerts CONNECTED(00000003) depth=0 C = GB, CN = KM4CA1E7 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = GB, CN = KM4CA1E7 verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=GB/CN=KM4CA1E7 i:/C=GB/CN=KM4CA1E7 -----BEGIN CERTIFICATE----- MIICJzCCAZCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAgMQswCQYDVQQGEwJHQjER MA8GA1UEAwwIS000Q0ExRTcwHhcNMTcwNDExMTAwMDU1WhcNMjIwNDExMTAwMDU1 WjAgMQswCQYDVQQGEwJHQjERMA8GA1UEAwwIS000Q0ExRTcwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALax4qd3TTxiivLHc1oC2xWTw3aRTV1TTxb4tjaMz+Xg 5BMQWn+cCK0EmpUJbkhZAksudGX6juyKX2lYZBBJ39p56LE9B5t8hSnAg0LAXCTT VpAONBKoU7pwTgkCq6LXUKvtccB6941WhYB3Bh5iLOyhVO0jI2nbh4XjwzIcTBD/ AgMBAAGjcTBvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW BBQEckM2nQx5aXSZ+TtHUoX43UEgsTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwEQYJYIZIAYb4QgEBBAQDAgbAMA0GCSqGSIb3DQEBCwUAA4GBAEVOyueU xu2wpxCs4h7kNXc50HKY+GOQtvuAWaAeSnjNivWVmXKljsu4aSYuwZwhvuey5IQX r5CUpWug/fBEvwb8CCravmIugKvv7xOunCUPf3WGkFAz/P/clea6eFQ01mz1eONO lLjjjpJHqhnTb60d6pTjK+Iq0QUJifNhHHq/ -----END CERTIFICATE----- --- Server certificate subject=/C=GB/CN=KM4CA1E7 issuer=/C=GB/CN=KM4CA1E7 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1137 bytes and written 487 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-SHA384 Session-ID: 81AC9E655A2B295AEF81080B0FBDF5A57F889FF9714EF2CC0FEB57D8FC7C64C1 Session-ID-ctx: Master-Key: 0C9717689368440A8E5DC97062096C529C69716955C4A497C39F68496312E05E7FFBDEC09960E7997810B6C96C52EA5F Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 28 a3 58 c7 20 42 c6 6b-ac 58 c2 48 5d 52 b9 ab (.X. B.k.X.H]R.. 0010 - 11 78 d6 cc 86 6e 3d 6a-cb 9f aa 64 ff 69 2c f0 .x...n=j...d.i,. 0020 - 33 f3 c3 42 40 9c d1 d3-77 71 c5 d8 db b8 c6 35 3..B@...wq.....5 0030 - 5a 66 a8 79 28 c8 ce 79-b6 94 1a 8c a6 a5 f9 8f Zf.y(..y........ 0040 - 4b 2c 9a 72 cf 2d e8 63-4c 83 87 ea b3 4c ef 1e K,.r.-.cL....L.. 0050 - 24 ec 88 f1 44 1b 4e 90-d1 45 49 4c 2a 59 f0 a7 $...D.N..EIL*Y.. 0060 - 5a 49 a6 8e 15 b5 d9 d2-1c cf 79 aa ba 58 60 f7 ZI........y..X`. 0070 - a8 a5 a0 65 ee 29 ee 28-fa d1 67 d8 f5 f5 e2 a7 ...e.).(..g..... 0080 - 5a ec 79 7e 6d 78 ac 15-8c 68 09 12 d8 43 2c 54 Z.y~mx...h...C,T 0090 - a7 12 23 21 55 12 2e 54-88 27 7b 82 dd 61 7e d2 ..#!U..T.'{..a~. Start Time: 1502096691 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- HTTP/1.1 408 Request Time-Out Connection: Close Accept-Encoding: identity read:errno=0

All Replies (1)

more options

The printer looks buggy. It disabled more than admin interface said.

For me it is solved so.