Jump to Navigation

Talking to Grid Control

And suddenly, Firefox did not want to connect to Oracle Grid Control anymore.

The error message displayed was Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap). Google was not immediately useful (suggesting things like turning off SSL).

Figuring this out took a little while. I had recently upgraded to Firefox 37, so it was likely this caused it. A downgrade to Firefox 31 confirmed that. Keeping on version 31 was not such a nice option, though, as the password store format changed in Firefox 32, meaning that most of my stored passwords were suddenly unavailable.

Debian currently has Firefox (rebranded as Iceweasel) 31 (the esr or extended support release) in Jessie and unstable and Firefox 37 in experimental and as Wheezy backport on mozilla.debian.net. That means that the possibilities were limited.

Some further Googling showed that several changes were made to the SSL/TLS stack to mitigate protocol downgrade attacks. This turned out to be the key: setting security.tls.version.fallback-limit from its new default 3 back to 1 solved the issue.



Blog_article | by Dr. Radut