ScreenOS : ERR_SSL_VERSION_OR_CIPHER_MISMATCH accessing WebUI

By | August 25, 2017

You probably encountered the following error if you are a fan of using the Juniper SSG/ScreenOS WebUI using a “modern” browser :

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Well, since the latest clustered SSL exploits, the vast majority of browsers decided to disable some protocols and ciphers for everyone’s safety.

To work around this issue, you may use the following command to change the cipher suite on your SSG device :

set ssl encrypt 3des sha-1

This command can be safely used on a production system and will apply right away. Then you may issue the following command to write the change to the memory :

save

You should be able to use your browser to access the WebUI through SSL.