Closed Bug 1133648 Opened 6 years ago Closed 5 years ago

T-Mobile https://secure-checkout.t-mobile.com ssl_error_no_cypher_overlap error

Categories

(Web Compatibility :: Desktop, defect)

x86
macOS
defect
Not set
normal

Tracking

(firefox35 unaffected, firefox36 unaffected, firefox37 unaffected, firefox38 affected)

RESOLVED FIXED
Tracking Status
firefox35 --- unaffected
firefox36 --- unaffected
firefox37 --- unaffected
firefox38 --- affected

People

(Reporter: cpeterson, Unassigned)

References

Details

https://secure-checkout.t-mobile.com

Secure Connection Failed

An error occurred during a connection to secure-checkout.t-mobile.com. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) 

https://www.ssllabs.com/ssltest/analyze.html?d=secure-checkout.t-mobile.com

Protocols
TLS 1.2 	No
TLS 1.1 	No
TLS 1.0 	Yes
SSL 3   INSECURE 	Yes
SSL 2 	No

Cipher Suites (sorted by strength; the server has no preference)
TLS_RSA_WITH_RC4_128_SHA (0x5)   WEAK		128

Downgrade attack prevention 	No, TLS_FALLBACK_SCSV not supported
RC4 	Yes   WEAK
Forward Secrecy 	No   WEAK
TLS version intolerance 	TLS 1.98  TLS 2.98

A different T-Mobile website (https://tmobile.ecustomersupport.com) was broken without SSL3 in bug 1042380.
> TLS_RSA_WITH_RC4_128_SHA (0x5)   WEAK		128
> TLS version intolerance 	TLS 1.98  TLS 2.98

This site only support RC4 and TLS 1.1/1.2 tolerant.
Blocks: 1124039
No longer blocks: TLS-Intolerance
No longer blocks: 1124039
Fixed.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.