If Firefox can't access a secure site (one that starts with '''https''') you will see an error page with the heading '''Secure Connection Failed''' and a message about the error. * If you see this heading without accessing a secure site, see [[Troubleshooting extensions and themes]]. *If you see the error message '''Your connection is not secure''', see the article [[What does "Your connection is not secure" mean?]]. * For troubleshooting other error messages, see [[Websites don't load - troubleshoot and fix error messages]]. __TOC__ = Secure connection cannot be established = When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure. == Website issues == Some websites try using out-dated (no longer secure) [http://en.wikipedia.org/wiki/Transport_Layer_Security ''TLS''] mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. When this happens, you will see an error page with the option to report the error to Mozilla. <!-- The above is copied from https://support.mozilla.org/en-US/kb/tls-error-reports/revision/93059 (TLS Error Reports now redirects - see https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean/discuss/6480#post-13160 --> ;[[Image:Fx45 Report SSL Errors]] If you experience this problem, contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure. == Security software conflict == '''If you use an [https://www.eset.com ESET] security product such as NOD32 Antivirus or ESET Internet Security,''' turning off one of the following settings and then turning it back on may help eliminate the error. *''Enable application protocol content filtering'' *''Enable SSL/TLS protocol filtering'' For detailed instructions, see [http://www.askvg.com/fix-secure-connection-failed-problem-in-mozilla-firefox-web-browser/ this AskVG.com article]. If you have questions or concerns about modifying these settings, please visit [http://support.eset.com/ ESET support].<!-- See https://support.mozilla.org/questions/1174146 and https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message/discuss/7169 --> '''Avast users''' (and perhaps some others) are getting intermittent ''Secure Connection Failed'' errors with the <code>SSL_ERROR_RX_RECORD_TOO_LONG</code> error code. These errors are intermittent and often clear up after a few reloads. One workaround could be to modify the Avast/AVG Web Shield settings to not scan secure connections. For more information, see [https://support.avast.com/en-us/article/189/ Managing HTTPS scanning in Web Shield in Avast Antivirus] on Avast support site.<!-- Select your country at the bottom of the US support page to find the support page in your language.--> Another workaround is to set Firefox not to try TLS 1.3: # [[T:aboutconfig]] # In the search box above the list, type or paste '''TLS''' and pause while the list is filtered # Double-click the {pref security.tls.version.max} preference to display a dialog where you can modify the value from '''4''' to '''3''' (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK. There is at least one thread on the [https://forum.avast.com/ Avast forums] about this issue: [https://forum.avast.com/index.php?topic=219812.0 Reporting a minor bug with firefox, broken SSL connexions]. <!-- See https://support.mozilla.org/en-US/forums/contributors/713055 ... which references https://support.mozilla.org/questions/1222739 and https://www.reddit.com/r/firefox/comments/8smtga/question_about_securitytlsversionmax/ --> = Certificate warnings = Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. For a list of certificate warnings and error codes, see the article [[What does "Your connection is not secure" mean?]]. == Incorrect date settings == If the date is not correct on your system, this can cause Firefox to detect that the website's security certificate is expired or invalid. You should ensure that your system clock is set to today's date and time{for win} (double-click the clock icon on the Windows Taskbar){/for}. For information, see the article [[How to troubleshoot time related errors on secure websites]].

If Firefox can't access a secure site (one that starts with https) you will see an error page with the heading Secure Connection Failed and a message about the error.

• If you see this heading without accessing a secure site, see Troubleshoot extensions, themes and hardware acceleration issues to solve common Firefox problems.
• If you see the error message Your connection is not secure, see the article What do the security warning codes mean?.
• For troubleshooting other error messages, see Websites don't load - troubleshoot and fix error messages.

Secure connection cannot be established

When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure.

Website issues

Some websites try using out-dated (no longer secure) TLS mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. When this happens, you will see an error page with the option to report the error to Mozilla.

If you experience this problem, contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure.

Security software conflict

If you use an ESET security product such as NOD32 Antivirus or ESET Internet Security, turning off one of the following settings and then turning it back on may help eliminate the error.

• Enable application protocol content filtering
• Enable SSL/TLS protocol filtering

For detailed instructions, see this AskVG.com article. If you have questions or concerns about modifying these settings, please visit ESET support.

Avast users (and perhaps some others) are getting intermittent Secure Connection Failed errors with the SSL_ERROR_RX_RECORD_TOO_LONG error code. These errors are intermittent and often clear up after a few reloads. One workaround could be to modify the Avast/AVG Web Shield settings to not scan secure connections. For more information, see Managing HTTPS scanning in Web Shield in Avast Antivirus on Avast support site.

Another workaround is to set Firefox not to try TLS 1.3:

1. Type about:config in the address bar and press EnterReturn.
   A warning page may appear. Click Accept the Risk and Continue to go to the about:config page.
2. In the search box above the list, type or paste TLS and pause while the list is filtered
3. Double-click the security.tls.version.max preference to display a dialog where you can modify the value from 4 to 3 (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK.

There is at least one thread on the Avast forums about this issue: Reporting a minor bug with firefox, broken SSL connexions.

Certificate warnings

Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. For a list of certificate warnings and error codes, see the article What do the security warning codes mean?.

Incorrect date settings

If the date is not correct on your system, this can cause Firefox to detect that the website's security certificate is expired or invalid. You should ensure that your system clock is set to today's date and time (double-click the clock icon on the Windows Taskbar). For information, see the article How to troubleshoot time related errors on secure websites.