- Package:
- iceweasel
- Source:
- firefox-esr
- Submitter:
- Norbert Preining
- Date:
- 2025-09-18 07:31:50 UTC
- Severity:
- important
Hi all,
I get the following error when connecting to the universities
internal web server:
------
Secure Connection Failed
An error occurred during a connection to MY.SERVER:PORT. SSL peer rejected a handshake message for unacceptable content. (Error code: ssl_error_illegal_parameter_alert)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
---------
I tried the following:
* start with -safe-mode : no changes
* start from a clean state (removed ~/.mozilla/firefox) with -safe-mode:
no changes
* tried upstream original firefox: worked out of the box
* tried chromium (Debian): worked out of the box
That means that something in the SSL handling in Debian's Iceweasel
is broken.
Thanks
Norbert
[...] Same version? Or that the SSL certificat of the server is broken. Sylvestre
Hi Sylvestre, I tried both, 33.0 and 31.2.0esr, in both cases it works with original Firefox without any problems. So either something in firefox, or the certificate has changed, as you mentioned, and the current Debian/firefox cannot work with that. The certificate as seen in firefox 33.0 looks like this: Connection Encrypted: High-grade Encryption TLS_RSA_WITH_3DES_EDE_CBC_SHA, 112 bit keys Certificate Signature Algrorithm: PKCS #1 SHA-1 With RSA Encryption So maybe it is openssl? Thanks Norbert
I have recently started getting similar issues. On sites that used to work, I am now getting this error: Secure Connection Failed An error occurred during a connection to secure.marketwatch.com Cannot communicate securely with peer: no common encryption algorithm(s). (Error code:ssl_error_no_cypher_overlap)
The latest Iceweasel security update disables SSL3 based on a well-publicised vulnerability: https://www.debian.org/security/2014/dsa-3050 This breaks a number of sites that only have SSL available for encryption. I would personally have preferred a warning, but this is really a problem with the sites using obsolete encryption algorithms, not with Iceweasel.
Hi Norbert-- Norbert Preining wrote: [...] [...] It sounds like you either don't want to to identify the server publicly. I'm sure you have good reasons for this, but it makes it difficult for other people to debug it directly. However, I'd like to understand what is triggering the ssl_error_illegal_parameter_alert. It's possible that the relevant change happened in libnss3 -- can you try rolling back to version 2:3.17.1-1 to see if that resolves the problem with the debian iceweasel packages? If so, please reassign this bug report to libnss3, and we can continue the diagnostics. If you don't mind identifying the server to me privately, i'd be happy to take a look at it directly. Or, if i'm unlikely to have network access to the server, could you try installing a recent version (3.x) of gnutls-bin, and sending me the output of: gnutls-cli-debug --debug 9999 -VVVV --port PORT MY.SERVER Alternately (or in addition), you could install libnss3-tools, and try connecting to the server with it: d=$(mktemp -d) nss-dbtest -i -d "$d" tstclnt -v -h MY.SERVER -p PORT -d "$d" Thanks for reporting the problem,
Hi Daniel, That could well be ... unfortunately Looks better, finishes with ... tstclnt: using asynchronous certificate validation tstclnt: Read from server -1 bytes tstclnt: handshake was paused by auth certificate hook tstclnt: authentication of server cert failed: SEC_ERROR_UNTRUSTED_ISSUER: Peer's certificate issuer has been marked as not trusted by the user. tstclnt: exiting with return code 254 Does that mean it is actually an ssl3 problem, only? That didn't change anything (separate email I sent). Norbert
If it is, you can try to go to about:config, and change security.tls.version.min to 0. I would have expected a different error, though. (ssl_error_no_cypher_overlap) Mike
Hi Mike, hi all, Indeed, that made it work again .... thanks. Is it possible to have this only for *some* sites, I would prefer *not* to enable that globally. So, that does mean I should kick the web admins of that server? That happened without the -V ssl3:ssl3 command line Norbert
i know of no way to do that in iceweasel.
yes, certainly, though i would suggest "nudge" rather than "kick" --
most people respond better to friendly/collaborative notes ("i want to
make sure i can access this web service securely, i'm sure you want that
too!") than to being attacked :)
The server definitely needs to be upgraded if it wants to interact with
modern clients. Most of the modern browsers will be turning off SSLv3
support in the next few months:
http://www.bit-tech.net/news/bits/2014/10/15/google-mozilla-sslv3/1
It's possible that this is an extension-intolerant SSLv3 server, which
would mean that it only works when no extensions were set at all.
If sslv3 is enabled in your client, then you're likely to see a fallback
dance happen, where a connection is retried without any extensions
whatever. if sslv3 is not enabled, then the fallback dance will not
make it down to a "pure" extension-free SSLv3 clienthello, which maybe
means that the server will reject the clienthello entirely with some
separate message, distinct from "ssl_error_no_cypher_overlap".
Hi everyone, thanks for the comments. Done so, I used cipherscan Umpf, I prefer not to do that as I probably will get into deep **** from my workplace doing this :-( Yeah, that was not meant physically, I know when I have to be very nice ;-) So What I got from cipherscan is the following: prio ciphersuite protocols pfs_keysize 1 RC4-SHA SSLv3 2 RC4-MD5 SSLv2,SSLv3 3 EDH-RSA-DES-CBC3-SHA SSLv3 DH,1024bits 4 DES-CBC3-SHA SSLv3 5 EDH-RSA-DES-CBC-SHA SSLv3 DH,1024bits 6 DES-CBC-SHA SSLv3 7 EXP-DES-CBC-SHA SSLv3 RSA,512bits 8 EXP-RC4-MD5 SSLv2,SSLv3 RSA,512bits Does this tell you masters anything? It seems that it is SSLv3 only considering SSLv2 as even worse? Norbert
I'm not familiar with the details of cipherscan and how it evaluates this, but reading from the reasonable interpretation of the above: This is remarkably bad on a modern network. SSLv2 has been explicitly prohibited for over 3 years now: https://tools.ietf.org/html/rfc6176 And this is coming from a body (the IETF) that has a very difficult time explicitly stating that a given protocol is prohibited. The export ciphersuites (denoted here with the EXP- prefix) are also known-broken (arguably, designed broken), and should never be used by anyone who cares about confidentiality or integrity. RC4 is also known to be significantly weaker than anything you should want (we're working on explicitly prohibiting it [0]). The single-DES ciphersuites (items 5 and 6 above) are also only ~56 bits of security, which is far to little. so the only two semi-plausible ciphers in the above list are 3 and 4, and those are really only possibly acceptable in contexts vulnerable to BEAST and the like (e.g. web browsers) if the server does record splitting (e.g. [1]), which i would guess that an old unmaintained server does not. In short, keeping this server off the public internet is a good idea, and its administrators should really do an overhaul of its TLS stack. Please use modern, well-supported crypto. we know there are problems with the old stuff.
Dear Customer, UPS courier was unable to contact you for your parcel delivery. Please check delivery label attached! With many thanks, Alberto Glenn, UPS Station Manager.
src:iceweasel has been superseded by src:firefox-esr in version 45.0esr-1 in March 2016. Transitional packages to ease upgrades were provided in the wheezy, jessie, stretch and buster releases. The transitional packages have been removed finally before the bullseye release in August 2021. After regular security support for buster ended in August 2022 and LTS support ended in June 2024, I'm closing the remaining bug reports now. Andreas