This article explains why you may see a ''Secure Connection Failed'' {for fx66}or a ''Did Not Connect: Potential Security Issue''{/for} error page and what you can do. *If you see a {for not fx66} ''Your connection is not secure''{/for}{for fx66}''Warning: Potential Security Risk Ahead''{/for} error page, see the [[What do the security warning codes mean?]] article. * To troubleshoot other error messages, see [[Websites don't load - troubleshoot and fix error messages]]. __TOC__ = Secure connection cannot be established = When a website that requires a secure ('''[https://wikipedia.org/wiki/HTTPS https]''') connection tries to secure communication with your computer, Firefox cross-checks this attempt to make sure that the [[Secure Website Certificate|website certificate]] and the connection method are actually secure. If Firefox cannot establish a secure connection, it will display an error page. == Secure Connection Failed == A ''Secure Connection Failed'' error page will include a description of the error, an option to report the error to Mozilla and a {button Try Again} button. There is no option to add a security exception to bypass this type of error. [[Image:fx60SecureConnectionFailed-ErrorCode]] The error page will also include the following information: * ''The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.'' * ''Please contact the website owners to inform them of this problem.'' == Did Not Connect: Potential Security Issue == Certain secure connection failures will result in a ''Did Not Connect: Potential Security Issue'' error page. [[Image:Fx67SecError-DidNotConnect]] The error page will include a description of the potential security threat, an option to report the error to Mozilla and an {button Advanced…} button to view the error code and other technical details. There is no option to add a security exception to visit the website. {/for} = Website issues = ==TLS version unsupported== Some websites try using outdated (no longer secure) [http://wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security] (''TLS'') mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection.<!-- See https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean/discuss/6480#post-13160 --> Contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure. '''Important''': Starting in [[Find what version of Firefox you are using|Firefox version]] 74, the minimum TLS version that will be allowed by default is TLS 1.2. Websites that don't support at least TLS version 1.2 will display a''Secure Connection Failed'' error page with the Error code: SSL_ERROR_UNSUPPORTED_VERSION and a message that, ''This website might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox.'' The error page may also include a message that, ''Enabling TLS 1.0 and TLS 1.1 might allow this connection to succeed.'' and that ''TLS 1.0 and TLS 1.1 will be permanently disabled in a future release.'' with an {button Enable TLS 1.0 and 1.1} button to override this requirement; however, Mozilla plans to remove this override ability in future Firefox versions. See [https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ this Mozilla Web developer page] for details. ==HTST required== Other websites may require [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#Description HTTP Strict Transport Security] (HSTS) and will not allow access with an insecure connection.{/for} = Security software conflict = Many security products use a feature that intercepts secure connections by default. This can produce connection errors or warnings on secure websites. If you see secure connection errors on multiple secure websites, updating your security product or modifying its settings may resolve the issue. See [[How to troubleshoot security error codes on secure websites#w_antivirus-products|this article's section on Antivirus products]] for help with specific security products that can produce these errors, such as [https://www.avast.com Avast], [https://www.avg.com AVG] and [https://www.eset.com ESET] software. {for win8,win10}Alternatively, you can uninstall third-party security software and use Windows Defender, the [https://www.microsoft.com/windows/comprehensive-security built-in] antivirus on Windows 8 and Windows 10.{/for} <!-- commented out based on https://bugzilla.mozilla.org/show_bug.cgi?id=1468892#c50 --> <!-- Another workaround is to set Firefox not to try TLS 1.3: # [[T:aboutconfig]] # In the search box above the list, type or paste '''TLS''' and pause while the list is filtered # Double-click the {pref security.tls.version.max} preference to display a dialog where you can modify the value from '''4''' to '''3''' (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK.--> = Incorrect system clock = Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. An incorrect system date can cause Firefox to detect that the website's security certificate is expired or invalid. Make sure your computer is set to the correct date, time and time zone. For more information, see [[How to troubleshoot time related errors on secure websites]]. = Other secure connection issues = To troubleshoot other secure connection issues not described above, see: *[[Certificate Pinning Reports]]<br>Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE *[[Certificate contains the same serial number as another certificate]]<br>Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL

This article explains why you may see a Secure Connection Failed or a Did Not Connect: Potential Security Issue error page and what you can do.

• If you see a Your connection is not secureWarning: Potential Security Risk Ahead error page, see the What do the security warning codes mean? article.
• To troubleshoot other error messages, see Websites don't load - troubleshoot and fix error messages.

Secure connection cannot be established

When a website that requires a secure (https) connection tries to secure communication with your computer, Firefox cross-checks this attempt to make sure that the website certificate and the connection method are actually secure. If Firefox cannot establish a secure connection, it will display an error page.

Secure Connection Failed

A Secure Connection Failed error page will include a description of the error, an option to report the error to Mozilla and a Try Again button. There is no option to add a security exception to bypass this type of error.

The error page will also include the following information:

• The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
• Please contact the website owners to inform them of this problem.

Did Not Connect: Potential Security Issue

Certain secure connection failures will result in a Did Not Connect: Potential Security Issue error page.

The error page will include a description of the potential security threat, an option to report the error to Mozilla and an Advanced… button to view the error code and other technical details. There is no option to add a security exception to visit the website.

Website issues

TLS version unsupported

Some websites try using outdated (no longer secure) Transport Layer Security (TLS) mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. Contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure.

Important: Starting in Firefox version 74, the minimum TLS version that will be allowed by default is TLS 1.2. Websites that don't support at least TLS version 1.2 will display aSecure Connection Failed error page with the Error code: SSL_ERROR_UNSUPPORTED_VERSION and a message that, This website might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox. The error page may also include a message that, Enabling TLS 1.0 and TLS 1.1 might allow this connection to succeed. and that TLS 1.0 and TLS 1.1 will be permanently disabled in a future release. with an Enable TLS 1.0 and 1.1 button to override this requirement; however, Mozilla plans to remove this override ability in future Firefox versions. See this Mozilla Web developer page for details.

HTST required

Other websites may require HTTP Strict Transport Security (HSTS) and will not allow access with an insecure connection.

Security software conflict

Many security products use a feature that intercepts secure connections by default. This can produce connection errors or warnings on secure websites. If you see secure connection errors on multiple secure websites, updating your security product or modifying its settings may resolve the issue. See this article's section on Antivirus products for help with specific security products that can produce these errors, such as Avast, AVG and ESET software.

Alternatively, you can uninstall third-party security software and use Windows Defender, the built-in antivirus on Windows 8 and Windows 10.

Incorrect system clock

Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. An incorrect system date can cause Firefox to detect that the website's security certificate is expired or invalid. Make sure your computer is set to the correct date, time and time zone. For more information, see How to troubleshoot time related errors on secure websites.

Other secure connection issues

To troubleshoot other secure connection issues not described above, see:

• Certificate Pinning Reports
  Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE

• Certificate contains the same serial number as another certificate
  Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL