Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Secure connection failed in version 37.0.1 but works in all other browsers and firefox 36

  • 1 reply
  • 57 have this problem
  • 11527 views
  • Last reply by cor-el

more options

Very similar issue to this, https://support.mozilla.org/en-US/questions/1056423. Am able to get to http://www.independentagent.com and then when the 'sign in' link is clicked (which redirects to https://sso.iiaba.net/login.aspx?sid=xxx) this error shows:

Secure Connection Failed

The connection to the server was reset while the page was loading.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

I ran the sso.iiaba.net domain through https://www.ssllabs.com/ssltest/analyze.html?d=sso.iiaba.net and it reports a few warnings but gives the site an overall rating of B.

      • Fixed. As noted we were supporting old ciphers. We trimmed and resorted the cipher list and now we get an A on the ssllabs.com scan. Firefox works now, no problems. I wish the original error message was more descriptive.
Attached screenshots

Modified by cal1p3r

Chosen solution

The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the domain (sso.iiaba.net) to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.



This site uses the cipher RC4 for encryption, which is deprecated and insecure. login.aspx
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More]
Read this answer in context 👍 12

All Replies (1)

more options

Chosen Solution

The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the domain (sso.iiaba.net) to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.



This site uses the cipher RC4 for encryption, which is deprecated and insecure. login.aspx
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More]

Modified by cor-el