HTTPS login issue on SonicWALL

Issue:

I recently noticed that I was unable to login to a customer's SonicWALL TZ-210 over HTTPS using Google Chrome.  HTTP was fine but attempting login with HTTPS gave the following error message:

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Clicking on "Details" revealed the following additional information:

A secure connection cannot be established because this site uses an unsupported protocol or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure.

Cause:

This was due to two issues:
  1. Google Chrome no longer supporting RC4 encryption for HTTPS which the customer's SonicWALL was obviously using.
  2. The customer's SonicWALL using RC4 encryption for its HTTPS sessions rather than a more secure protocol.

Fix:

There's already an excellent fix for this issue on Spiceworks:

Comments