User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:38.0) Gecko/20100101 Firefox/38.0 Build ID: 20150513174244 Steps to reproduce: Open an https site that has no cypher overlap with Firefox. (Sorry; I don't have a publicly available available site.) View the error page. Actual results: The error page shows: Secure Connection Failed An error occurred during a connection to bad-cypher-host.example.com. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. Expected results: The error page should provide a way to determine what cyphers the server offers.
(In reply to Bitt Faulk from comment #0) > The error page should provide a way to determine what cyphers the server > offers. You can use the SSL Labs service for this. https://www.ssllabs.com/ssltest/
Severity: normal → enhancement
Component: Untriaged → Security: UI
OS: Unspecified → All
Product: Firefox → Core
Hardware: Unspecified → All
Summary: ssl_error_no_cypher_overlap error page should provide more detail → Secure Connection Failed - ssl_error_no_cypher_overlap error page should provide more detail
Also getting for a popular Toronto retail store and seeing lots of errors about ssl_error_no_cypher_overlap posted to Twitter. https://baybloorradio.com/
(In reply to Ryan Feeley from comment #2) > Also getting for a popular Toronto retail store and seeing lots of errors > about ssl_error_no_cypher_overlap posted to Twitter. > https://baybloorradio.com/ I filed Bug 1173661 for this. (It would be appreciated if you could file similar bugs if you encounter more (popular) RC4 only sites, Thanks!)
Improvements to the neterror page have been made recently that might help with this (e.g. if your cipher suite preferences aren't set to the defaults, Firefox will offer to reset them and see if that helps). In general, determining what cipher suites the server supports requires trying every single cipher suite, and this is not something we're going to implement in Firefox.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.