Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel: SSL_ERROR_NO_CYPHER_OVERLAP

Discussion in 'Security' started by postcd, Jun 3, 2017.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    670
    Likes Received:
    11
    Trophy Points:
    68
    Hello,

    when i visited one domain via https (https://www.mydomainname.here) i see Firefox error:

    Secure Connection Failed - Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

    when i access withou "www", it works.

    In "SSL Storage Manager" i see there two cpanel accounts who are having key, but missing certificate.
    the cpanel that is missing certificate has addon domain which has the cert., but when accessed that addon domain via firefox, it says: "Error code: SEC_ERROR_EXPIRED_CERTIFICATE"
    In AutoSSL log, this addon domain has warning:
    Code:
    "The system queried for a temporary file at “<a href="[URL]http://myaddondomain.here/.well-known/acme-challenge/OF_WQDPVTBU6F0QWNAON*****[/URL]">[URL]http://myaddondomain.here/.well-known/acme-challenge/OF_WQDPVTBU6F0QWNAON*********[/URL]</a>”, but the web server responded with the following error: 403 (Forbidden)"
    Indded, that file does not exist. .well-known/acme-challenge is empty and .well-known and its subdirs. has 755 permission and cpaneluser:cpaneluser rights.
    
    Please what to check to discover the cause?
     
    #1 postcd, Jun 3, 2017
    Last edited: Jun 3, 2017
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    599
    Likes Received:
    92
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    postcd likes this.
  3. 24x7serversecurity

    24x7serversecurity Active Member

    Joined:
    Aug 31, 2015
    Messages:
    38
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello postcd,

    Try disabling and enabling Auto SSL on your domain, then click on Check 'user' to the corresponding user. This process will check if the SSL is installed correctly or not.
    You can check the logs and see if there is any error and take corrective action accordingly.
     
  4. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    670
    Likes Received:
    11
    Trophy Points:
    68
    @Jcats: You were right. i did linux command:
    host www.mydomainname.here
    host mydomainname.here

    and the "www." indeed resolve to other server.

    in the WHM / DNS Functions / Edit DNS Zone i see the CNAME "www" record points to "www.mydomainname.here.cdn.cloudflare.net." so i changed it to: "mydomainname.here." and error "SSL_ERROR_NO_CYPHER_OVERLAP" is away and site works.

    Regarding other error (403 error when attempting to create SSL), it was because of the wrongly configured parent .htaccess file which denied access to the .well-known/ directory somehow. I fixed it by creating new .htaccess file in
    .well-known/ directory containing this line of text: RewriteEngine On

    So all seems to be fixed. Thank You
     
  5. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    599
    Likes Received:
    92
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Glad to hear it :)
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm happy to see you were able to address the issue. Thank you for updating us with the outcome.
     
  7. CoNfOuNd

    CoNfOuNd Member

    Joined:
    Feb 20, 2004
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Ireland
    Sorry to crash your party, but this isn't a proper solution to the problem you initially reported. You reported an error "SSL_ERROR_NO_CYPHER_OVERLAP" with one of your client's site. The client is using Cloudflare, possibly setup by the cPanel integrated plugin.

    Your solution was to edit the DNS record so the website no longer points to Cloudflare. Essentially you have disabled Cloudflare for that client's website. That will have got their website working again, SSL error-free, but it doesn't actually solve the problem for people who want to continue using Cloudflare, so I think it's misleading to have "SOLVED" in the subject, because people searching for this problem online will find the thread and think it's an actual solution.
     
Loading...

Share This Page