Problem whit domain SSL_ERROR_NO_CYPHER_OVERLAP

  • I have some domains and subdomains with the SSL certificate generated by the LetsEncrypt plugins that show this type of error SSL_ERROR_NO_CYPHER_OVERLAP, while others work correctly.



    I tried to modify apache and nginx files by inserting


    SSLProtocol all -SSLv3
    SSLCipherSuiteECDHE-ECDSA-CHACHA20-POLY1305: ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384: ECDHE-RSA -AES256-GCM-SHA384: DHE-RSA-AES128-GCM-SHA256: DHE-RSA-AES256-GCM-SHA384: ECDHE-ECDSA-AES128-SHA-256: ECDHE-RSA-AES128-SHA-256: ECDHE-ECDSA-AES128-SHA : ECDHE-RSA-AES256-SHA384: ECDHE-RSA-AES128-SHA: ECDHE-ECDSA-AES256-SHA384: ECDHE-ECDSA-AES256-SHA: ECDHE-RSA-AES256-SHA: DHE-RSA-AES128-SHA-256: DHE -RSA-AES128-SHA: DHE-RSA-AES256-SHA256: DHE-RSA-AES256-SHA: ECDHE-ECDSA-DES-CBC3-SHA: ECDHE-RSA-DES-CBC3-SHA: EDH-RSA-DES-CBC3 -SHA: AES128-GCM-SHA256: AES256-GCM-SHA384: AES128-SHA-256: AES256-SHA-256: AES128-SHA: AES256-SHA: DES-CBC3-SHA:! DSSSSLHonorCipherOrder onSSLCompression offSSLSessionTickets off


    but it seems to have no effect



    i-MSCP 1.5.3
    Build: 20180516
    Codename: Ennio Morricone




    PHP 5.6.36-1+0~20180505045733.13+jessie~1.gbp9b5cab (cli)
    Copyright (c) 1997-2016 The PHP Group
    Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v10.0.3, Copyright (c) 2002-2017, by ionCube Ltd.
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies



    Browser on Android 7

    Notelseit.com

    Edited once, last by theprincy ().

  • @theprincy


    You should avoid to play with configuration without knowing what you're doing.

    I tried to modify apache and nginx files by inserting

    You changed Nginx configuration but Nginx is only used for the control panel, hence my sentence above...


    Anyway you don't give us sufficient information. Which browser give you that error exactly? Firefox? Which version?


    And please, edit your post and make use of bbcode, else, I'll close it.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @theprincy


    You should avoid to play with configuration without knowing what you're doing

    the question is that nothing has been touched, if not update. thing that on other servers, with the same settings does not happen

    Notelseit.com

  • the question is that nothing has been touched, if not update.

    Apart the fact that you changed the cipher configuration in both Apache and Nginx by closing eyes... without saying us where you have done those changes... Anyway, you didn't answered all questions. If you use old Firefox browser, you can get such error. Google is your friend. Nothing is magic here.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • before posting I did a search on google and I saw the various answers to the problem.



    No changes have been made before last major update dates back to months ago. Up to two / three days ago everything went perfectly even if these sites were slowed down, this morning came out that problem. so I started looking for a solution.


    along with the problem on android, before it was also on the version offirefox 59.0.2, modifying the files domain_ext_ssl.conf the site is seen
    on the desktop but not on the mobile.



    my question is how come if the server settings are the same for all the other domains they did not have this problem?




    I recreated ssl externally, through the site https://www.sslforfree.com and a site also works on mobile, while other does not always work on mobile while the browser on the PC works.

    Notelseit.com

  • This has nothing to do with i-MSCP nor with LE.


    See https://support.mozilla.org/fr/questions/1057053

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • the problem is the certificate generated by the plugin and by cloudflare that is not recognized

    Or you setup is just wrong... LE certificates are used all around the world without any problem.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206