Secure connection failed and Firefox did not connect
This is not a question. It is a complaint. I can't see anywhere else to lodge it.
I am on a mac mini. I keep getting "Secure connection failed and Firefox did not connect" on secure government sites and others that I know are just fine. I'm sick of it. This did not happen till recently and I have not changed my settings or preferences for over a year.
When I get this message these days, guess what I do - I switch browsers. I would like to keep using Firefox. I like it. However, I get this message on too many sites to put up with it any longer. If it isn't adjusted in the next update, I will strongly consider switching browsers permanently.
Even Safari allows me to continue to the site - certificate or no certificate. Blocking me from the site is ridiculous. Fix it.
Thanks for the reply. Avast isn't supposed to be running anything unless I ask it to. Easier to get rid of it. It has been more trouble than it's worth. Thank you.Read this answer in context 👍 0
All Replies (7)
Hi combinola, Firefox has two different errors pages:
- Secure Connection Failed -- this may indicate Firefox and the site couldn't agree how to connect. There should be more detail in the page about the source of the problem. If you can share any error codes (often in caps like SEC_ERROR_BLAH_BLAH), that would help us better understand why you're getting this so often.
- Did Not Connect: Potential Security Issue -- this page often has an "Advanced" button providing more information about the nature of the problem and sometimes providing a bypass. If your visit to the site involves sensitive information, I suggest investigating before disregarding the warning. The site could well be Fort Knox, but if Firefox says the responding server hasn't proven its identity, that can indicate a man in the middle intercepting your connection to the site. Might be your security software, parental control, spyware, or identity theft.
Thanks for your reply. The one I see most is a site I had no problem accessing in March and April but it blocked now. It isn't the only site. Here's the information I see -
Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: false HTTP Public Key Pinning: false Certificate chain:
-----BEGIN CERTIFICATE----- MIIEVjCCAz6gAwIBAgIBLDANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJDWjEP MA0GA1UECAwGUHJhZ3VlMQ4wDAYDVQQKDAVBVkFTVDEdMBsGA1UECwwUU29mdHdh cmUgRGV2ZWxvcG1lbnQxGzAZBgNVBAMMEkF2YXN0IHVudHJ1c3RlZCBDQTAeFw0x NzEwMjMwMDAwMDBaFw0yMDEwMjIyMzU5NTlaMIIBDDELMAkGA1UEBhMCVVMxDjAM BgNVBBETBTg0MTE0MQ0wCwYDVQQIEwRVdGFoMRcwFQYDVQQHEw5TYWx0IExha2Ug Q2l0eTESMBAGA1UECRMJUm9vbSA2MDAwMSAwHgYDVQQJExcxIFN0YXRlIE9mZmlj ZSBCdWlsZGluZzEcMBoGA1UEChMTU3RhdGUgb2YgVXRhaCAtIERUUzEcMBoGA1UE CxMTVGVjaG5vbG9neSBTZXJ2aWNlczEgMB4GA1UECxMXSG9zdGVkIGJ5IFN0YXRl IG9mIFV0YWgxHDAaBgNVBAsTE1ByZW1pdW1TU0wgV2lsZGNhcmQxEzARBgNVBAMM CioudXRhaC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYQYRN 4zhNlOejgNA2lxQ2cnuhFCOSIrx/ZoLP+rXvs53e6VhcPcY6tAYFf9ARQPcOvqyo +N/BS/5oh7UhC4fqHnv0rHefPPO373Tvuqd/rckB6223j/cWB7E9HhJwpBNUaafk 6EsLG/IpbQSoFG4E+Z6ZTL/0BdleZAClFy+ojnTZR1H/VcxqNy94+cyt6rLgNEC8 JTPoW2NHWX3WoCK4uxLjv9D8b1k/qAmJF/HiCyHLUZoqbMX10zhiGeVm6SEsbvuO cZMPkqwByccRgIh9R7tCENJSooTz73M42EyY4F+aCR2FLkUEx1szz/VfQ4jeSLZ8 naAf3U1wz44gjnxTAgMBAAGjYzBhMB0GA1UdDgQWBBSm9ZQSDy/UFSfST542ZgDU jkyF5DAfBgNVHSMEGDAWgBTp/jPvQlN6eZb6I6HGKBMgDJE+wTAfBgNVHREEGDAW ggoqLnV0YWguZ292ggh1dGFoLmdvdjANBgkqhkiG9w0BAQsFAAOCAQEAQ1Fo6SkC GSzAHZsgb+m8ggj9WgIhoBJc7RbeD5CnlzocJB40N8g/Do+iUs2US99UIaoOO8Ev DhbKfTvsO5j08QqXy9elLPJcc2wI7NJr8fZZyYqyH+wr/RS9RIwa2BCIGOvB8YiF lbLLElFe91s1Tx1Tq3g/AcP516vQG8UzuCdZjbsGNIy0bz/6lAjR+yM1NaYofUYd jZRPvWhte7rkt42bSzF06SLrmhpPBilJa5r22QEkqWBqfW5Qs04qZF0YcJqxpYOD KlL+KadG0xVzomzI4YHnsYfWSZz2t1rwAwQ9ixNuSMAZfBoQmMDqtVyocMR1MqtO 6Y19Pth3TvbfcA== -----END CERTIFICATE-----
Modified by cor-el
If I can just make the point. I appreciate warnings. However, after that, it is my decision to make. Sites should not be blocked - ever.
The certificate is issued by your Avast security software.
See the Avast section in this article about how to deal with this issue.
That certificate says it was issued (signed) by "Avast untrusted CA".
So maybe you are running Avast, and Avast is set to scan encrypted web traffic (Web Shield). Or possibly AVG?
If so, then the "man in the middle" may be trustworthy (despite the certificate name).
We used to detail how to set up Firefox specifically to trust Avast's fake website certificates, but that means researching each year's release and it's getting into the evening here so I'll mention is a simpler workaround: tell Firefox to use the system certificate store instead of its own. Here's how if you want to try it:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
(2) In the search box in the page, type or paste enterp and pause while the list is filtered
(3) Double-click the security.enterprise_roots.enabled preference to switch the value from false to true
Now Firefox should use the same certificate store as Safari. Does that work?
More info on about:config: Configuration Editor for Firefox.
Sites should not be blocked - ever.
Let's say you've visited Google, and Firefox detects that a server saying it is Google is not presenting a valid certificate. Google previously told Firefox NEVER EVER connect to a server saying it is Google if the certificate is not valid. This is called HTTP Strict Transport Security and Firefox enforces that. So unfortunately you cannot have your wish to browser as insecurely as you like while you're using Firefox.
Thanks for the reply. Avast isn't supposed to be running anything unless I ask it to. Easier to get rid of it. It has been more trouble than it's worth. Thank you.