X
Tap here to go to the mobile version of the site.

Support Forum

When starting TLS handshaking errors (Connection failed) if homepage is Startpage.com or Google.co.uk. Errors do not happen using Edge

Posted

Using V70.0 (64 bit). Suddenly (has there been a recent update to 70?) when I start Firefox it hangs giving the TLS handshake message at the bottom and then fails to open my startpage giving a Connection Failed error (something about end of file error - sorry didnt make a note) - 'try again'. When you click on the button it goes to the home page instantly and works properly from then on. Tried different home pages Startpage.com; google.co.uk etc. ; Tried new profile, deleting history, cookies etc.; disabling addons. No problems using Edge or Chrome so definitely a firefox problem.

Using V70.0 (64 bit). Suddenly (has there been a recent update to 70?) when I start Firefox it hangs giving the TLS handshake message at the bottom and then fails to open my startpage giving a Connection Failed error (something about end of file error - sorry didnt make a note) - 'try again'. When you click on the button it goes to the home page instantly and works properly from then on. Tried different home pages Startpage.com; google.co.uk etc. ; Tried new profile, deleting history, cookies etc.; disabling addons. No problems using Edge or Chrome so definitely a firefox problem.
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

openh264 (Mozilla) widevine (google)

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0

More Information

jscher2000
  • Top 10 Contributor
8797 solutions 71954 answers

Hi whitehairedgeezer2, several users have reported delays with the initial connection in Firefox recently. It seems to mostly affect users who have security software either filtering their web access (such as Avast, AVG, Kaspersky) or overriding Firefox's normal approach to verifying certificates.

If you use a product like that, could you test with interception of secure (HTTPS) requests disabled to see whether that makes any difference? You can find some information on product settings in this article: How to troubleshoot security error codes on secure websites.

Hi whitehairedgeezer2, several users have reported delays with the initial connection in Firefox recently. It seems to mostly affect users who have security software either filtering their web access (such as Avast, AVG, Kaspersky) or overriding Firefox's normal approach to verifying certificates. If you use a product like that, could you test with interception of secure (HTTPS) requests disabled to see whether that makes any difference? You can find some information on product settings in this article: [[How to troubleshoot security error codes on secure websites]].
Was this helpful to you?
Quote

Question owner

Am using Kaspersky Free version. Tried interception of secure (HTTPS) requests disabled and also switched off Kaspersky altogether. No change in startup delay

Am using Kaspersky Free version. Tried interception of secure (HTTPS) requests disabled and also switched off Kaspersky altogether. No change in startup delay
Was this helpful to you?
Quote
jscher2000
  • Top 10 Contributor
8797 solutions 71954 answers

Could you check the following setting:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box above the list, type or paste enterp and pause while the list is filtered

The security.enterprise_roots.enabled preference has a default of false, which means that Firefox will use its own certificate store for verifying site SSL certificates.

When this preference is "modified" to true, Firefox will use the system certificate store. You can double-click to restore the default value.

If the preference status is locked, that usually indicates an external configuration or policy file is altering the setting.

Could you check the following setting: (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button accepting the risk. (2) In the search box above the list, type or paste '''enterp''' and pause while the list is filtered The '''security.enterprise_roots.enabled''' preference has a default of false, which means that Firefox will use its own certificate store for verifying site SSL certificates. When this preference is "modified" to true, Firefox will use the system certificate store. You can double-click to restore the default value. If the preference status is ''locked'', that usually indicates an external configuration or policy file is altering the setting.
Was this helpful to you?
Quote

Question owner

security.enterprise_roots.enabled is set to true and locked security.certerrors.mitm.auto_enable_enterprise_roots is set to default and true

security.enterprise_roots.enabled is set to true and locked security.certerrors.mitm.auto_enable_enterprise_roots is set to default and true
Was this helpful to you?
Quote
jscher2000
  • Top 10 Contributor
8797 solutions 71954 answers

If you check the built-in about:policies page does the "Active" panel indicate there is a Policy related to either:

  • ImportEnterpriseRoots
  • certificates

If not, some security software may be using an Autoconfig file. (more details later, have to leave the keyboard)

If you check the built-in '''about:policies''' page does the "Active" panel indicate there is a Policy related to either: * ImportEnterpriseRoots * certificates If not, some security software may be using an Autoconfig file. (more details later, have to leave the keyboard)
Was this helpful to you?
Quote

Question owner

All there is on the Active policies page is the line: The Enterprise Policies service is inactive.

All there is on the Active policies page is the line: The Enterprise Policies service is inactive.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.