Avatar for Username

Søg i Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Denne tråd blev arkiveret. Stil et nyt spørgsmål, hvis du har brug for hjælp.

How can I save my modifications to security.tls.insecure_fallback_hosts? They won't save.

cubid
cubid
more options

Here's some context. I'm having problems with a corporate website. I get the following error message:

Secure Connection Failed

The connection to the server was reset while the page was loading. 

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

I've browsed the forums and came across the security.tls.insecure_fallback_hosts tweak. However, whenever I add the URL/domain/host I'm having the issue with and visit the website, the security.tls.insecure_fallback_hosts rolls back my entry and removes the URL/domain/host I manually added. Ironically enough, if I add multiple URL/domain/host, separated by commas, the URL/domain/host I'm having an issue with disappears, and the rest remains the same.

Here's some context. I'm having problems with a corporate website. I get the following error message: Secure Connection Failed The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. I've browsed the forums and came across the security.tls.insecure_fallback_hosts tweak. However, whenever I add the URL/domain/host I'm having the issue with and visit the website, the security.tls.insecure_fallback_hosts rolls back my entry and removes the URL/domain/host I manually added. Ironically enough, if I add multiple URL/domain/host, separated by commas, the URL/domain/host I'm having an issue with disappears, and the rest remains the same.

Alle svar (2)

Shadow110
Shadow110
more options

Hi, please see if this helps : There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate. You would need to update what ever A/V is being used and to look in the forums of the A/V to see if others having a issue.

Please let us know if this solved your issue or if need further assistance.

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hmm, why would it be removed? Perhaps the host requires HTTP Strict Transport Security (HSTS). I don't know whether that affects the fallback list. If it does, Firefox may have learned that from a previous visit to the site (recorded in a file) or it may be on Google's HSTS preload list, which Firefox is now using as well.

What's wrong with the site's security configuration? Can you share the server address or have you run it through a test site such as:

https://www.ssllabs.com/ssltest/