Forge/LetsEncrypt SSL error "SSL_ERROR_NO_CYPHER_OVERLAP" TLS version incompatibility?

Posted 9 months ago by lambooni

Some users have complained that they cannot access our site due to a "secure connection failure", i.e. SSL. The actual error code provided is SSL_ERROR_NO_CYPHER_OVERLAP.

SSL has been installed via the Forge LetsEncrypt button. I have tested 4 of our sites using https://www.ssllabs.com and all seem to have the same errors show up.

Errors are only related to certain browsers/OS (generally older versions) i.e.

Chrome 49 / XP SP3  Server sent fatal alert: handshake_failure

I also noticed that only the TLS 1.2 protocol is supported on my site, so I am guessing that these older browsers are using an older protocol.

| Protocols                                    |     |
|----------------------------------------------|-----|
| TLS 1.3                                      | No  |
| TLS 1.2                                      | Yes |
| TLS 1.1                                      | No  |
| TLS 1.0                                      | No  |
| SSL 3                                        | No  |
| SSL 2                                        | No  |
| For TLS 1.3 tests, we only support RFC 8446. |     |

Laravel themselves noted this change on Twitter (https://twitter.com/laravelphp/status/996477171291033602?lang=en). I wonder how we are supposed to deal with users on older hardware at this stage?
