搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Error code: ssl_error_no_cypher_overlap

more options

hi i'm using firefox 33 right now

i have used thise setting for my firefox till i get an error for some https websites

security.tls.version.max;0 security.tls.version.min;0

it worked very well, but i dont know what happend it is useless now

i am getting thise error An error occurred during a connection to www.facebook.com. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

thise error appears on website like fb and binbox.io and most https website

when i change the setting to security.tls.version.max;0 security.tls.version.min;1 or changeing the version max to any number like 1 or 2 or 3 it works well !!! but thise setting is not working for facebook !!!

when i restore the setting to defaults thise error appears on https://facebook.com

An error occurred during a connection to www.facebook.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)

i got thise error last year so i solved it by changeing security.tls.version.max;3 to security.tls.version.max;0 and used thise setting for 1 year and worked well

but now i cant access most https websites

whats wrong with firefox ?

my os is win8

and ei has no problem with https websites

help me pls

and excuse me for my bad english

hi i'm using firefox 33 right now i have used thise setting for my firefox till i get an error for some https websites security.tls.version.max;0 security.tls.version.min;0 it worked very well, but i dont know what happend it is useless now i am getting thise error An error occurred during a connection to www.facebook.com. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) thise error appears on website like fb and binbox.io and most https website when i change the setting to security.tls.version.max;0 security.tls.version.min;1 or changeing the version max to any number like 1 or 2 or 3 it works well !!! but thise setting is not working for facebook !!! when i restore the setting to defaults thise error appears on https://facebook.com An error occurred during a connection to www.facebook.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) i got thise error last year so i solved it by changeing security.tls.version.max;3 to security.tls.version.max;0 and used thise setting for 1 year and worked well but now i cant access most https websites whats wrong with firefox ? my os is win8 and ei has no problem with https websites help me pls and excuse me for my bad english

所有回复 (5)

more options

You may remember that the min/max values correspond to different versions of the SSL/TLS encryption protocol, from older to newer:

0 = SSL v3.0 1 = TLS 1.0 2 = TLS 1.1 3 = TLS 1.2

Nearly all sites in the world will work with TLS 1.0, and many now have upgraded to TLS 1.1 and 1.2 if the browser requests it.

But you may have heard in the news recently about a flaw in SSL v3.0 that is connected to a "POODLE" attack that allows your secure session to be hijacked. Many sites are turning off support for SSL v3.0 to protect their users. As a result, your max setting

security.tls.version.min = 0 (default setting)
security.tls.version.max = 0 (custom setting)

is pretty much obsolete now. To protect yourself from a POODLE attack, I suggest going the other way:

security.tls.version.min = 1 (custom setting)
security.tls.version.max = 3 (default setting)

To get back to your Facebook issue:

(1) Are you using a security filter for your secure connections? You sometimes can identify the filter by visiting the same site in another browser, clicking the padlock icon in the address bar, and viewing the site's secure certificate. The "Issued by" section will list your security software vendor instead of the normal issuing authority. Or it may indicate malware. It's definitely worth checking.

(2) Are you using a proxy connection (e.g., TOR or anonymous VPN service)? Some proxies may not have full support for TLS.

more options

thanks for your replay

are you saying that fb has upgraded its security ?

my main problem is my ISP !!! it doesn't allow users to access the fb !! i found out if i change my dns server i may access the fb so by changeing the dns server i can access the fb but i got a new problem Error code: ssl_error_rx_record_too_long i think this error is one of my ISP traps!! so i had to change max version to 0

to answer your questions (1) I am not using special security filter just my bitdefender firewall

(2) i am not using any vpn or proxy

i change my setting to what you suggested

min 1 max 3

but when i try to access fb although it connectes but thise error still exist Error code: ssl_error_rx_record_too_long

由ferarri于修改

more options

I don't know whether Facebook has dropped support for SSLv3 but if I were them, I would!

If your ISP is blocking Facebook, or secure connections to Facebook, I don't think that can be easily solved from within Firefox. I don't know why the previous workaround worked, maybe they could decrypt and read SSLv3 so they allowed it??

more options

today i have same problem with connecting to

https://support.mozilla.org

Error code: ssl_error_no_cypher_overlap

although I'm using the default setting !!!! max 3 min 0

(my internet connection was so slow, 5 KB i think)

but after two times refresh it becomes ok !!

what about now ???

i think this error is not from websites upgrading to TLS 1.1 and 1.2 as you said....

由ferarri于修改

more options

Maybe there was a temporary problem with this server? I don't have an explanation for that.