Get me a screenshot of this please? And as many details as you can provide. I haven't run into this on Chrome, but I'll alert the tech teams to it.
I keep getting this error in Firefox. On every forum page.Then it goes away for awhile.
What does your cipher list look like: https://www.ssllabs.com/ssltest/viewMyClient.html
![]()
The same thing happens on wget, and Firefox and Chrome on Android. The common denominator seems to be my Internet connection. It doesn't happen often, either - today, for instance, there's no problem.![]()
I don't know. How could I?Are your connections getting MITM'ed or something? That's the only thing I can think of that would correlate with it always happening on the same connection.
$ openssl s_client -showcerts -connect forums.anandtech.com:443
CONNECTED(00000003)
140106797090456:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1471530003
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
I doubt the problem is the cipher list. I'm not running browsers from the 90s.What does your cipher list look like: https://www.ssllabs.com/ssltest/viewMyClient.html
I don't know. How could I?
The only error I can consistently get is with:
.......
If I try www.google.com:443 I get much better results.
Hm, good to know. Thanks!Check the certificate fingerprints and see if they match to detect MITM attack. Some well known ones are at grc. Some banks publish theirs.
https://www.grc.com/fingerprints.htm
This has been bad today. Still mystifying. I tried this solution, but it didn't help:
http://www.ryananddebi.com/2014/12/10/bypassing-the-ssl_error_no_cypher_overlap-error-in-firefox-34/
Tried it. Didn't help. And, yes, I reset my TLS settings.Taking a shot in the dark here, what happens if you disable the chacha20 ciphers (you can do it in about:config by searching for ssl and finding the chacha20 ciphers)?
Interesting. I get the cypher error when I try to go directly to the site by IP: https://68.177.32.96/
Edit: And when I go to http://68.177.32.96, I get a different error.
So now I'm guessing the cypher error might be masking some other error.
FWIW, that's not the site IP, and you would not be able to hit the site by IP anyway.
Still investigating the matter.
Well I tried something else today. I turned off all the SSL minimums, and restarted the browser. And I got a different error code: SSL error inappropriate fallback alert. But I still get the old error sometimes too.
Firefox. And Chrome. And wget and curl and openssl. The latest thing I found is that forcing TLS on openssl returns an error code 40.What browser are you using? I don't see you list that.
I've been getting intermittent SSL issues as well, on Win7/Firefox. A few refreshes, and then it loads. I can try to get a better look at what the specific problem is next time it happens.Yes, I am using Linux. So are lots of other people on Android. (My Android phone has the problem too, on Firefox and Chrome.)
Well, I installed FoxyProxy and Tor on my desktop, and it's working for now. But sometimes I get a 403 Forbidden error. The risks of using a proxy.![]()