Why can't Firefox connect securely to ports other than 443?
cPanel for linux uses various ports to control a server, such as 2087 for WHM. If I try to access https://www.myserver.com:2087, I get the error:
An error occurred during a connection to www.myserver.com:2087. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)
I have no problem accessing the same URL from IE 11, and I can access https://www.myserver.com:443 from FireFox 43.0. What's the problem?
Thanks, Keith
所有回覆 (4)
I assume this is not a newly observed problem unique to Firefox 43?
I don't know whether this is truly an SSL issue or whether it is really caused by the port number. To rule out the latter, if you haven't already "unbanned" this port, please see the steps in this thread: How to allow a restricted port?
Use this site to find out the cipher suites supported by Firefox. https://www.ssllabs.com/ssltest/viewMyClient.html
Then check your server configuration and make sure your server offers a cipher suite Firefox does support.
If your site is reachable via Internet you can check it here (using port 443). https://www.ssllabs.com/ssltest/
I have no problem accessing the same URL from IE 11
That's probably because IE supports outdated and unsafe cipher suites, so that there is an overlap with your server.
Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen) to see if that helps.
Perhaps the problem is with cPanel. Is there any way to check which ciphers are supported on a non-standard https port? I've tried:
nmap -p 2087 --script ssl-enum-ciphers www.myserver.com
When the port is set to 443, it lists only TLSv1.1 and TLSv1.2, as expected, but nothing for port 2087 (or for 55555, which FireFox is happy to connect to).