
This thread has been archived. Please ask a new question if you need help.

Getting SSL_ERROR_NO_CYPHER_OVERLAP when attempting a site with a self-signed certificate

  • 21 replies
  • 54 have this problem
  • 1 view
  • Last reply by gshonle


I'm developing a web app. Currently, I'm using a self-signed certificate (getting it properly signed comes later).

When I have the web server set so that it only accepts TLS1.1 and TLS1.2, I'm getting an SSL_ERROR_NO_CYPHER_OVERLAP error. And, of course, trying the 'use outdated security' link doesn't work, since the web server won't allow those connections.

If I temporarily allow insecure connections on the web server, Firefox will then allow me to accept the cert. After the cert is accepted, Firefox can then connect over only TLS1.1 and TLS1.2. So, most of the time, Firefox can find a common cypher for TLS1.1/1.2 connections.

(The web server is on an Ubuntu kernel, with OpenSSL 1.0.1f.)


Chosen solution

I finally figured out what is going on.

The fix is really in configuring OpenSSL; however, since Firefox is the browser that most readily displays the problem, I'm going to post the answer here.

[NOTE: if you get this error on Firefox, and you're not in control of the web site you visit, you'll need to send an e-mail to the web site administrator, with the error you're getting]

Anyway, at issue is the separation in OpenSSL of the protocols supported vs. the cipher list.

In an app using OpenSSL, if you're using anything older than OpenSSL 1.1.0, you'll need to disable any protocol older than TLSv1. Do this with:

SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

(Note that recent versions of OpenSSL before version 1.1.0 have SSLv2 turned off by default, but it doesn't hurt to explicitly disable it with this call. Also note that if you disable TLSv1 [i.e. add ' | SSL_OP_NO_TLSv1' to the above call], you'll break compatibility with some apps that make HTTPS calls; for example Firefox appears to use TLSv1 to do the certificate exchange, before going to stronger protocols for the session).

The key to understanding the SSL_ERROR_NO_CYPHER_OVERLAP error is that TLSv1 only uses SSLv3 ciphers.

So, I was running into this issue because when I disabled SSLv3, I was also disabling the SSLv3 ciphers. To set the OpenSSL ciphers, use something like:

SSL_CTX_set_cipher_list(ctx, "TLSv1.2:TLSv1:SSLv3:!SSLv2:HIGH:!MEDIUM:!LOW");

If you use instead (as I was originally using):

SSL_CTX_set_cipher_list(ctx, "TLSv1.2:TLSv1:!SSLv3:!SSLv2:HIGH:!MEDIUM:!LOW");

You'll effectively disable TLSv1, since there are no TLSv1-specific ciphers (at least in OpenSSL), and with the SSLv3 ciphers disabled, it isn't possible to establish a TLSv1 connection.

With SSLv3 disabled, but the TLSv1/SSLv3 ciphers enabled, Firefox is able to get the certificates. After this, I see that Firefox then establishes a TLSv1.2 connection.

Most of the above solution is not needed for OpenSSL 1.1.0, since that has no support for SSLv3 at all.

👍 4


Edited by gshonle on
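To make the protocol-versus-cipher-list split in the answer visible, here is an added Python example (not from the post or from OpenSSL) that builds a server SSLContext the way the answer recommends and lists what each of the two cipher strings actually leaves enabled on the OpenSSL your Python links against. The author's OpenSSL 1.0.1 had no TLSv1-only suites, whereas OpenSSL 1.1 and later tag the ECDHE AES-SHA suites as TLS 1.0-minimum, so the exact counts you see depend on the version; the function and constant names are this example's own.

```python
import ssl

# The two cipher strings from the answer above; the only difference is "SSLv3" vs "!SSLv3".
ORIGINAL = "TLSv1.2:TLSv1:!SSLv3:!SSLv2:HIGH:!MEDIUM:!LOW"   # what the author started with
FIXED = "TLSv1.2:TLSv1:SSLv3:!SSLv2:HIGH:!MEDIUM:!LOW"       # the working string


def build_context(cipher_string):
    """Server context configured as the answer describes: the protocol floor is
    set independently of the cipher list (minimum_version is Python's equivalent
    of SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 with TLSv1 left on), and the cipher
    string only decides which suites are offered."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1   # SSLv3 off, TLS 1.0 still allowed
    ctx.set_ciphers(cipher_string)
    return ctx


def ciphers_by_min_protocol(cipher_string):
    """Group the enabled suites by the lowest protocol version OpenSSL tags them
    with. 'SSLv3' marks the RSA/DHE AES-SHA suites that a TLS 1.0 handshake on
    the author's OpenSSL 1.0.1 had to fall back on; '!SSLv3' removes exactly these."""
    groups = {}
    for c in build_context(cipher_string).get_ciphers():
        groups.setdefault(c["protocol"], []).append(c["name"])
    return groups


def dropped_by_negating_sslv3():
    """Suite names that the '!SSLv3' rule removes relative to the working string."""
    original = {c["name"] for c in build_context(ORIGINAL).get_ciphers()}
    fixed = {c["name"] for c in build_context(FIXED).get_ciphers()}
    return sorted(fixed - original)


if __name__ == "__main__":
    for label, spec in (("original", ORIGINAL), ("fixed", FIXED)):
        print(f"{label}: {spec}")
        for proto, names in sorted(ciphers_by_min_protocol(spec).items()):
            print(f"  {proto:8s} {len(names):3d} suites, e.g. {names[0]}")
    print("suites lost to '!SSLv3':", dropped_by_negating_sslv3())
```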
