X
Tap here to go to the mobile version of the site.

Safely share files online with encrypted links that “self-destruct.” Try Firefox Send.

Give hackers a swift kick in the cookies. See if your data has been affected by a breach with Firefox Monitor. Try it now.

Access your history, passwords and open tabs wherever you are with Sync. Connect a second device.

Support Forum

After a refresh, almost all https sites give NS_ERROR_NET_INADEQUATE_SECURITY

Posted

It is not giving me an Advanced button or an "I know the risks" button, or any other way to respond. Among the sites that won't load is mozilla.org.

This is what the window says when I try to visit almost any https site:


Your connection is not secure

The website tried to negotiate an inadequate level of security.

www.mozilla.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.

Error code: NS_ERROR_NET_INADEQUATE_SECURITY


I looked at the troubleshooting information, "Important Modified Preferences", but there were no security.* preferences mentioned, or any mention of SSL/TLS.

I tried refreshing again but same result.

Oddly, app.napster.com loads OK (but I can't get it to play any music).

Using 57.0.1, 64-bit, Fedora 27, Linux kernel 4.14.8.

It is not giving me an Advanced button or an "I know the risks" button, or any other way to respond. Among the sites that won't load is mozilla.org. This is what the window says when I try to visit almost any https site: --------------------------------------------------------------------------- Your connection is not secure The website tried to negotiate an inadequate level of security. www.mozilla.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site. Error code: NS_ERROR_NET_INADEQUATE_SECURITY ------------------------------------------------------------------------------- I looked at the troubleshooting information, "Important Modified Preferences", but there were no security.* preferences mentioned, or any mention of SSL/TLS. I tried refreshing again but same result. Oddly, app.napster.com loads OK (but I can't get it to play any music). Using 57.0.1, 64-bit, Fedora 27, Linux kernel 4.14.8.

Chosen solution

Thanks so much, disabling SPDY indeed got my browser working again. However, I'm still uneasy about two things --

  • There is no antivirus, etc. running on this machine
& Why did a refresh trigger this?  The default value of the config option you mention is indeed true, so it was true after the refresh.  But I'm almost positive I never disabled it before.

Oh well, there are enough real problem to worry about without bothering with conceptual ones!

Bob

Read this answer in context 0
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36

More Information

FredMcD
  • Top 10 Contributor
3977 solutions 55388 answers

Helpful Reply

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.

https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can

https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites

https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

Websites don't load - troubleshoot and fix error messages

http://kb.mozillazine.org/Error_loading_websites


NS-ERROR-NET-INADEQUATE-SECURITY INADEQUATE_SECURITY

A workaround to fix this ANNOYING issue is; network.http.spdy.enabled.http2 = false in about:config

Type about:config<enter> in the address bar. If a warning screen comes up, press the I Accept the Risk button. At the top of the screen is a search bar.

There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own. https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message https://support.mozilla.org/en-US/kb/connection-untrusted-error-message [https://support.mozilla.org/en-US/kb/websites-dont-load-troubleshoot-and-fix-errors?redirectlocale=en-US&redirectslug=Error+loading+web+sites Websites don't load - troubleshoot and fix error messages] http://kb.mozillazine.org/Error_loading_websites NS-ERROR-NET-INADEQUATE-SECURITY INADEQUATE_SECURITY A workaround to fix this ANNOYING issue is; '''network.http.spdy.enabled.http2 = false''' in about:config Type '''about:config'''<enter> in the address bar. If a warning screen comes up, press the '''I Accept the Risk''' button. At the top of the screen is a search bar.
Was this helpful to you? 1
Quote

Chosen Solution

Thanks so much, disabling SPDY indeed got my browser working again. However, I'm still uneasy about two things --

  • There is no antivirus, etc. running on this machine
& Why did a refresh trigger this?  The default value of the config option you mention is indeed true, so it was true after the refresh.  But I'm almost positive I never disabled it before.

Oh well, there are enough real problem to worry about without bothering with conceptual ones!

Bob

Thanks so much, disabling SPDY indeed got my browser working again. However, I'm still uneasy about two things -- * There is no antivirus, etc. running on this machine & Why did a refresh trigger this? The default value of the config option you mention is indeed true, so it was true after the refresh. But I'm almost positive I never disabled it before. Oh well, there are enough real problem to worry about without bothering with conceptual ones! Bob

Modified by Blob2

Was this helpful to you?
Quote
cor-el
  • Top 10 Contributor
  • Moderator
16918 solutions 152788 answers

NS_ERROR_NET_INADEQUATE_SECURITY indicates that the server initiates a HTTP/2 connection, but Firefox detects an invalid TLS configuration in the server response (server negotiated HTTP/2 with blacklisted cipher suites). This is likely not an issue with the certificate, but this is a problem with the server setup and there are invalid cipher suites for HTTP/2 claimed (INADEQUATE_SECURITY). http://httpwg.org/specs/rfc7540.html#TLSUsage There might also be other software that acts as a MITM and is interfering. When HTTP/2 is enabled and used then the requirements are much stricter than with HTTP/1.1 You can get the NS_ERROR_NET_INADEQUATE_SECURITY error message in case the server isn't configured properly.

NS_ERROR_NET_INADEQUATE_SECURITY indicates that the server initiates a HTTP/2 connection, but Firefox detects an invalid TLS configuration in the server response (server negotiated HTTP/2 with blacklisted cipher suites). This is likely not an issue with the certificate, but this is a problem with the server setup and there are invalid cipher suites for HTTP/2 claimed (INADEQUATE_SECURITY). http://httpwg.org/specs/rfc7540.html#TLSUsage There might also be other software that acts as a MITM and is interfering. When HTTP/2 is enabled and used then the requirements are much stricter than with HTTP/1.1 You can get the NS_ERROR_NET_INADEQUATE_SECURITY error message in case the server isn't configured properly.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.