diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp
index 74d652131e65..3af7ae55b85b 100644
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
@@ -1210,9 +1210,9 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo)
       .forgetIntolerance(socketInfo->GetHostName(), socketInfo->GetPort());
 
     return false;
-  } else if ((err == SSL_ERROR_NO_CYPHER_OVERLAP ||
-              err == PR_END_OF_FILE_ERROR) &&
-             nsNSSComponent::AreAnyWeakCiphersEnabled()) {
+  }
+  if ((err == SSL_ERROR_NO_CYPHER_OVERLAP || err == PR_END_OF_FILE_ERROR) &&
+      nsNSSComponent::AreAnyWeakCiphersEnabled()) {
     if (socketInfo->SharedState().IOLayerHelpers()
                   .rememberStrongCiphersFailed(socketInfo->GetHostName(),
                                                socketInfo->GetPort(), err)) {
diff --git a/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp b/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp
index 45d64a4115bf..537e324a4772 100644
--- a/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp
+++ b/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp
@@ -33,7 +33,11 @@ TEST_F(TLSIntoleranceTest, Test_Full_Fallback_Process)
     ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_2, range.max);
     ASSERT_EQ(StrongCipherStatusUnknown, strongCipherStatus);
 
-    ASSERT_TRUE(helpers.rememberStrongCiphersFailed(HOST, PORT, 0));
+    ASSERT_TRUE(
+      helpers.rememberStrongCiphersFailed(
+        HOST, PORT, SSL_ERROR_NO_CYPHER_OVERLAP));
+    ASSERT_EQ(SSL_ERROR_NO_CYPHER_OVERLAP,
+              helpers.getIntoleranceReason(HOST, PORT));
   }
 
   {