X
Tap here to go to the mobile version of the site.

Support Forum

Secure Connection Failed: the authenticity of the received data could not be verified

Posted

I got "Secure Connection Failed, The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem." message when I go to the site "https://gearup.ed.gov/". I checked my server is set up TLS 1.2

I am using Firefox 62, in my SSLtest, I got "Firefox 62 / Win 7 R Server closed connection" https://www.ssllabs.com/ssltest/analyze.html?d=gearup.ed.gov

Does anyone how to fix that issue? Thanks

I got "Secure Connection Failed, The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem." message when I go to the site "https://gearup.ed.gov/". I checked my server is set up TLS 1.2 I am using Firefox 62, in my SSLtest, I got "Firefox 62 / Win 7 R Server closed connection" https://www.ssllabs.com/ssltest/analyze.html?d=gearup.ed.gov Does anyone how to fix that issue? Thanks

Chosen solution

@FredMcD, I don't have Firefox 54, but I reinstall Firefox 61.0.2 , URL: https://gearup.ed.gov is working in Firefox 61.0.2

The URL you posted https://www.ed.gov/category/keyword/gear, that is from other site. That is not from my server. Thanks

Read this answer in context 0
Shadow110 1072 solutions 14836 answers

Hi, what security software are you using and please list your Extensions ??

Hi, what security software are you using and please list your Extensions ??

Helpful Reply

Our server is in Window2012 R2, and we have DigiCert SSL installed in that server with DigiCert Certificate Utility

Our server is in Window2012 R2, and we have DigiCert SSL installed in that server with DigiCert Certificate Utility
Shadow110 1072 solutions 14836 answers

Hi: What you are asking is beyond Firefox Volunteer Support

does not this page give you the answer  : https://www.ssllabs.com/ssltest/analyze.html?d=gearup.ed.gov You may or may not have to run it with the 1st URL.

This forum is for regular releases. Please move all of your Firefox builds to the Extended Support Release 60.2.0 which is very stable.

Please see : https://www.mozilla.org/en-US/firefox/enterprise/

Please see rest of URL fr more info : https://www.google.com/search?q=firefox+enterprise&ie=utf-8&oe=utf-8&client=firefox-b

Thank You for Contacting Firefox Support.

Hi: What you are asking is beyond Firefox Volunteer Support does not this page give you the answer : https://www.ssllabs.com/ssltest/analyze.html?d=gearup.ed.gov You may or may not have to run it with the 1st URL. This forum is for regular releases. Please move all of your Firefox builds to the Extended Support Release 60.2.0 which is very stable. Please see : https://www.mozilla.org/en-US/firefox/enterprise/ *https://www.mozilla.org/en-US/firefox/organizations/ Please see rest of URL fr more info : https://www.google.com/search?q=firefox+enterprise&ie=utf-8&oe=utf-8&client=firefox-b Thank You for Contacting Firefox Support.

Question owner

Thanks Pkshadow. I will contact bugzilla.

Thanks Pkshadow. I will contact bugzilla.
Shadow110 1072 solutions 14836 answers

What security software are you running. I can not get to the site also with Firefox though Seamonkey can.

When I look at the site info it shows as there is no certificate. Hold on with the bug report as someone else may know.

What security software are you running. I can not get to the site also with Firefox though Seamonkey can. When I look at the site info it shows as there is no certificate. Hold on with the bug report as someone else may know.
Shadow110 1072 solutions 14836 answers

Have called for help.

Have called for help.
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157931 answers

Doesn't work for me as well with Firefox with the default settings.

OK, I did some testing and with lower security I can access this website. I need to disable TLS 1.3 because the server only supports TLS 1.2 and apparently doesn't like TLS 1.3

  • security.tls.version.max = 3

EDIT: it is enough to modify this pref to allow Firefox to fall back to TLS 1.2.

  • security.tls.version.fallback-limit = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

The server only works in Firefox with a weak cipher suit enabled.

  • security.ssl3.dhe_rsa_aes_256_sha = true

Note that this pref is one of the two prefs that are involved with the Logjam vulnerability, so it is not a good idea to leave this cipher suite enabled.

Website: gearup.ed.gov
Owner: This website does not supply ownership information.
Verified by: DigiCert Inc
Technical Details
Connection Encrypted (TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 256 bit keys, TLS 1.2)

You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

Doesn't work for me as well with Firefox with the default settings. OK, I did some testing and with lower security I can access this website. <strike>I need to disable TLS 1.3 because the server only supports TLS 1.2 and apparently doesn't like TLS 1.3 *security.tls.version.max = 3</strike> EDIT: it is enough to modify this pref to allow Firefox to fall back to TLS 1.2. *security.tls.version.fallback-limit = 3 *1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3; The server only works in Firefox with a weak cipher suit enabled. *security.ssl3.dhe_rsa_aes_256_sha = true Note that this pref is one of the two prefs that are involved with the Logjam vulnerability, so it is not a good idea to leave this cipher suite enabled. <pre>Website: gearup.ed.gov Owner: This website does not supply ownership information. Verified by: DigiCert Inc Technical Details Connection Encrypted (TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 256 bit keys, TLS 1.2) </pre> You can open the <b>about:config</b> page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue. *http://kb.mozillazine.org/about:config

Modified by cor-el

cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157931 answers

It is enough to set the fallback-limit to 3 in combination with the weak cipher suite.

  • security.tls.version.fallback-limit = 3
  • security.ssl3.dhe_rsa_aes_256_sha = true
It is enough to set the fallback-limit to 3 in combination with the weak cipher suite. *security.tls.version.fallback-limit = 3 *security.ssl3.dhe_rsa_aes_256_sha = true
FredMcD
  • Top 10 Contributor
4246 solutions 59390 answers

I did a web search and found this link; https://www.ed.gov/category/keyword/gear

I did a web search and found this link; https://www.ed.gov/category/keyword/gear

Question owner

If I fall back to Extended Support Release 60.2.0. The site works fine. Here is the URL https://gearup.ed.gov/. Chrome, Safari and MS Edge works fine. I just wonder what is the set up make Firefox 62 get the error.

If I fall back to Extended Support Release 60.2.0. The site works fine. Here is the URL https://gearup.ed.gov/. Chrome, Safari and MS Edge works fine. I just wonder what is the set up make Firefox 62 get the error.
FredMcD
  • Top 10 Contributor
4246 solutions 59390 answers

I am using Firefox 54 and I get the error. Have you checked out the link I posted?

I am using Firefox 54 and I get the error. Have you checked out the link I posted?

Chosen Solution

@FredMcD, I don't have Firefox 54, but I reinstall Firefox 61.0.2 , URL: https://gearup.ed.gov is working in Firefox 61.0.2

The URL you posted https://www.ed.gov/category/keyword/gear, that is from other site. That is not from my server. Thanks

@FredMcD, I don't have Firefox 54, but I reinstall Firefox 61.0.2 , URL: https://gearup.ed.gov is working in Firefox 61.0.2 The URL you posted https://www.ed.gov/category/keyword/gear, that is from other site. That is not from my server. Thanks
FredMcD
  • Top 10 Contributor
4246 solutions 59390 answers

That was very good work. Well done. Please flag your last post as Solved Problem so others will know.

That was very good work. Well done. Please flag your last post as '''Solved Problem''' so others will know.
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157931 answers

Did you read my above replies about TLS 1.3 and the SSL cipher suite?

In Firefox 60 ESR the fallback pref still had a value of 3 like you can check on the about:config page.

  • security.tls.version.fallback-limit = 3

If you do not have the SSL logjam cipher suites disabled like you actually should have then Firefox will work with the Firefox 60 ESR version.

  • security.ssl3.dhe_rsa_aes_256_sha = true

So with the pref setting I wrote in the second reply the website should work in Firefox 62.

Did you read my above replies about TLS 1.3 and the SSL cipher suite? In Firefox 60 ESR the fallback pref still had a value of 3 like you can check on the <b>about:config</b> page. *security.tls.version.fallback-limit = 3 If you do not have the SSL logjam cipher suites disabled like you actually should have then Firefox will work with the Firefox 60 ESR version. *security.ssl3.dhe_rsa_aes_256_sha = true So with the pref setting I wrote in the second reply the website should work in Firefox 62. *https://support.mozilla.org/en-US/questions/1233695#answer-1155518 *https://support.mozilla.org/en-US/questions/1233695#answer-1155522
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157931 answers

Helpful Reply

You can update to Firefox 62.0.2 (just released) that has a fix for the involved cipher suite.

  • Help -> About Firefox

The only requirement is that this pref is set to true on the about:config page to enable the only cipher suite that this server can use for Firefox.

  • security.ssl3.dhe_rsa_aes_256_sha = true
You can update to Firefox 62.0.2 (just released) that has a fix for the involved cipher suite. *Help -> About Firefox The only requirement is that this pref is set to true on the <b>about:config</b> page to enable the only cipher suite that this server can use for Firefox. *security.ssl3.dhe_rsa_aes_256_sha = true

Question owner

@cor-el, I updated to 62.0.2, the issue is gone. Thanks

@cor-el, I updated to 62.0.2, the issue is gone. Thanks