Secure connection failed and Firefox did not connect

Revision Information
  • Revision id: 19349
  • Created:
  • Creator: Tonnes
  • Comment: italize (date), delete CR
  • Reviewed: No
  • Ready for localization: No
Revision Source
Revision Content

If Firefox can't access a secure site (one that starts with https:) you will see an error page with the heading, Secure Connection Failed, and a message about the error. This article will describe some of these error messages.

SSL protocol has been disabled

An error occurred during a connection to (site name). Can't connect securely because the SSL protocol has been disabled. (Error code: ssl_error_ssl_disabled)

If you see this error, see Enable SSL to fix the Firefox cannot connect securely error message.

The site uses an older, insecure version of the SSL protocol

An error occurred during a connection to (site name). Can't connect securely because the site uses an older, insecure version of the SSL protocol. (Error code: ssl_error_ssl2_disabled)

If you see this error, see Firefox cannot connect securely because the site uses an older insecure version of the SSL protocol.

Certificate warnings

Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers.

Certificate will not be valid until (date)

(site name) uses an invalid security certificate. The certificate is not trusted because the issuer certificate has expired. The certificate will not be valid until (date). (Error code: sec_error_expired_issuer_certificate)

This error can occur if your computer clock has the wrong date, in which case the date given in the error message will be in the past. To fix the problem, set your system clock to today's date and time (double-click the clock icon on the Windows Taskbar).

The certificate expired on (date)

(site name) uses an invalid security certificate. The certificate expired on (date). (Error code: sec_error_expired_certificate)

This error occurs when a website's identity certification has expired.

This error can also occur if your computer clock has the wrong date. To fix the problem, set your system clock to today's date and time (double-click the clock icon on the Windows Taskbar).

Certificate is only valid for (site name)

(site name) uses an invalid security certificate. The certificate is only valid for (site name). (Error code: ssl_error_bad_cert_domain)

This error is telling you that the certificate sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers, the recipient may not be who you think it is.

A common situation is when the certificate is actually for a different part of the same site. For example, you may have visited https://example.com, but the certificate is for https://www.example.com. In this case, if you access https://www.example.com directly, you should not receive the warning.

The certificate is not trusted because it is self signed

(site name) uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_untrusted_issuer)

or

(site name) uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_ca_cert_invalid)

Self-signed certificates make your data safe from eavesdroppers, but say nothing about who the recipient of the data is. This is common for intranet websites that aren't available publicly.

The certificate contains the same serial number as another certificate

Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. (Error code: sec_error_reused_issuer_and_serial)

This error alerts you to the fact that the certificate the page you're visiting uses has a serial number identical to one you've already accepted. This warning cannot be bypassed using the method below. For more information and for instructions on how to work around this message, see the Certificate contains the same serial number as another certificate article.

The OCSP server has no status for the certificate

An error occurred during a connection to (site name). The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert)

If you see this error, see The OCSP server has no status for the certificate.

Bypassing the warning

You can tell Firefox to bypass these certificate warnings. You should only bypass the warning if you're sure that the site is legitimate. Legitimate public sites will not ask you to do this. An invalid certificate can be an indication of a web page that will defraud you or steal your identity.

  1. On the warning page, click Or you can add an exception....
  2. Click Add Exception.... The Add Security Exception dialog will appear.
  3. Click Get Certificate.
  4. Read the text describing the problems with this site.
  5. Click Confirm Security Exception if you want to trust the site.