This thread was archived. Please ask a new question if you need help.
Secure Connection Failed (no option for exception)
I've encountered this problem on multiple websites, but at the moment it's forums.nexusmods.com that's giving me trouble.
Trying to log in to the forums. The forum index page does not require HTTPS. I click "sign in", and a (probably AJAX) dialog appears for entering username and password. I enter them, and click the sign in button. Firefox tries to load the next page, which is an HTTPS page, and fails with a "Secure Connection Failed" error message (see link 1). There is no option to add a security exception.
If I go back to the forums' index page and attempt to force it to use HTTPS there (either by manually adding the "s" to the protocol in the address bar or with the "HTTPS Everywhere" extension), I get the same problem—Secure Connection Failed, no option for adding an exception.
I normally use Waterfox rather than regular Firefox, but I tried using Firefox to work around this problem, and both are exhibiting the exact same behavior.
However, the site works just fine in Chrome, even with HTTPS Everywhere active.
Link 1: http://i.imgur.com/66jaILM.png
All Replies (10)
The forums.nexusmods.com server doesn't send all intermediate certificates needed to build a complete certificate chain.
- COMODO RSA Domain Validation Secure Server CA
A server needs to send the full certificate chain that includes all required intermediate certificates. Firefox will automatically store intermediate certificates that servers send in the Certificate Manager for future use, so if you have visited a website that has send this intermediate certificate in the past then Firefox will not display the error page when you visit a server that doesn't send this intermediate certificate.
You can check the server via this website:
You can download the intermediate certificate from this web page and import the certificate in the Certificate Manager.
Do NOT set any trust bits when importing the certificate as those are only required for trusted root certificates and should never be set for intermediate certificates.
Modified by cor-el
No good. When I tried to import that certificate, Firefox said it was already installed.
Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
In the location field of this window type or paste the URL of the website with the https:// protocol prefix (https://xxx.xxx).
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer. Check who is the issuer of the certificate. If necessary then please attach a screenshot that shows the Certificate Viewer with the issuer.
Hi SilverlightPony, you had me at --
I've encountered this problem on multiple websites
When you get connection errors on many/most secure sites, the problem usually is one of the following:
(1) Error in your system's date, time, or time zone, which throws off certificate validity checks. Sometimes allowing computers to use an internet-based time source can introduce this problem.
(2) Firefox not being set up to work with your security software that intercepts and filters secure connections. Products with this feature include Avast, BitDefender, Bullguard, ESET, and Kaspersky; AVG LinkScanner / SurfShield can cause this error on search sites.
(3) On Windows 10, Firefox not being set up to work with the parental control software Microsoft Family Safety. (To test by turning it off, see: http://windows.microsoft.com/en-us/wi.../turn-off-microsoft-family-settings)
(4) Malware on your system intercepting secure connections.
If you have any of those specific security products:
That would be the first thing to check. This support article will walk you through it: How to troubleshoot security error codes on secure websites.
If none of those ring a bell:
You could inspect a sample certificate to see whether that points to the culprit. If you want to try that now, here's how I suggest starting:
Load my test page at: https://jeffersonscher.com/res/jstest.php
You likely will get an error page. Expand the "Advanced" button and look for an Add Exception button.
Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.
Click Add Exception, and the certificate exception dialog should open.
Click the View button. If View is not enabled, try the Get Certificate button first.
This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.
What have you been doing when you encounter problems in the past -- have you saved any exceptions? If so, you could review the issuer information in those certificates to see whether there is a pattern that points to a particular culprit.
You can call up the Certificate Manager on the Options page. Either:
"3-bar" menu button (or Tools menu) > Options
In the left column, click Advanced, then on the right side make sure the Certificates mini-tab is selected at the top. Finally, click View Certificates to launch the Certificate Manager.
In this dialog, click Servers. The ones where a * is listed as the server are built-in blockers, so ignore those and check the ones you think you have saved. Anything interesting?
I notice that the screenshots show that you use(d) a 64 bit Waterfox version.
Does this also happen with the official Firefox release from the Mozilla server?
Boot the computer in Windows Safe Mode with network support (press F8 on the boot screen or hold down the Shift key) to see if that has effect.
Digging this back up because it's happening on a new website-- harristeeter.com, the site for one of the local supermarket chains.
I've looked around the net and tried a few different purported solutions, none of which worked.
Same problem appears in both Waterfox and official Mozilla release of Firefox.
What other browsers do you have to check the site in? For example, if you have Google Chrome:
After loading the site in Chrome, click the padlock in the address bar, then there's a link called Details, and that opens a panel at the bottom of the tab with the View Certificate button. Does it look like the attached?
Note: if you click the padlock in the address bar for a Microsoft browser, there probably is a similar way to view this dialog.
The image is not uploading at the moment. See: http://imgur.com/a/BQSLn
Modified by jscher2000
@jscher200 Yep, identical.