Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSL_ERROR_BAD_MAC_ALERT

  • 12 replies
  • 15 have this problem
  • 1 view
  • Last reply by gavenkoa

more options

A couple users at our site intermittently receive a SSL_ERROR_BAD_MAC_ALERT error when navigating to Google in Firefox. This happens in Version 99.0.1 (64-bit) on Windows 10 computers. When the issue occurs, users can navigate to other websites without issues. Navigating to Google in a different browser works no problem. Restarting the browser will resolve the issue. Clearing cookies and site data has no effect. Users can also refresh the page after some time and the issue will go away.

Any idea as to why this is happening?

A couple users at our site intermittently receive a SSL_ERROR_BAD_MAC_ALERT error when navigating to Google in Firefox. This happens in Version 99.0.1 (64-bit) on Windows 10 computers. When the issue occurs, users can navigate to other websites without issues. Navigating to Google in a different browser works no problem. Restarting the browser will resolve the issue. Clearing cookies and site data has no effect. Users can also refresh the page after some time and the issue will go away. Any idea as to why this is happening?
Attached screenshots

Chosen solution

This could be a problem with the TLS 1.3 Early Data feature also known as Zero Round Trip Time Resumption (0rtt). You can try to set security.tls.enable_0rtt_data = false on the about:config page to disable this feature until this is fixed by Google or Mozilla to see if that helps.

See also:

Read this answer in context 👍 8

All Replies (12)

more options
more options

You can check the connection settings.

  • Settings -> General -> Network: Connection -> Settings

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

more options

Unfortunately, none of the suggestions in those articles resolves the issue.

more options

I'm also having this issue with more and more users... They are all work from home

We tried the following:

   Cleared Cache & Cookies
   Refreshed Firefox 
   Deleted the user's Mozilla Firefox folders from \AppData
   Re-installation of Firefox
   Tried to change windows DNS to Cloudflares and Google's
   Migrated to Firefox regular from DEV Firefox
   Disabled DNS Prefetching in Firefox Settings
   Disabled AV for one user
   Adding Website to a list of Insecure FallBack Hosts
   Power Cycling PC + Router/Modem


The only solution so far is to migrate the user to Chrome Browser instead But we would rather avoid that if possible..

Modified by Nestea

more options

I should clarify that I tried all of the solutions except for disabling AV (Sophos), which I cannot do. If you know of a different way to check if the AV software is causing the issue, I would be happy to try it.

The solution outlined here did temporarily resolve the issue:

https://superuser.com/questions/1280239/firefox-secure-connection-failed-ssl-error-bad-mac-alert

However, the issue is occurring today again. Interestingly, reverting that change temporarily resolved the issue again. So it seems that just changing that setting refreshes something to alleviate the issue, but then it will still come back after some time.

more options

krisa15 said

If you know of a different way to check if the AV software is causing the issue . . .

Start your Computer in safe mode with network support. Then start Firefox. Try Secure websites. Is the problem still there?

Starting Any Computer In Safe Mode (web link) Free Online Encyclopedia

https://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10/ +++++++++++++++++++++++++++++++++++++++++++++++ If the problem goes away with the computer in Safe Mode, the problem is with one of the other programs on the system.

As a test, disable your protection programs.

more options

I can confirm that the issue does not occur is safe mode. I also, ran process monitor and do see Sophos performing operations on Firefox files when the issue is active.

It seems that updating any of the security.tls* parameters in Firefox will temporarily resolve the issue. I tested changing a few other random settings, but that did not resolve the issue. It seems that changing any of the security.tls* parameters clears some sort of cached information that might be corrupt.

more options

Chosen Solution

This could be a problem with the TLS 1.3 Early Data feature also known as Zero Round Trip Time Resumption (0rtt). You can try to set security.tls.enable_0rtt_data = false on the about:config page to disable this feature until this is fixed by Google or Mozilla to see if that helps.

See also:

more options

The issue has not occurred again since setting security.tls.enable_0rtt_data = false.

Thanks!

more options

Same problem here. Disabling Sophos Intercept X Essentials (temporarily) solves the problem.

Other browser, Microsoft Edge, no problem at all.

Will try the the about:config suggestion.

more options

I have the same issue on one (and only one) computer and I've only found the issue with google.com. A few searches (or a few pages of the one search) and the connection dies and I get the MAC error as per the OP. No other site is affected and flipping to another browser and google then works fine. The computer is win10 20H2 with the commercial version of windows security & with corp firewall & filters between me & the big bad internet. I'd tried numerous options posted elsewhere, but setting "security.tls.enable_0rtt_data" to false immediately fixed the problem without needing to restart FF. In contrast to some of the other comments, restarting FF did not fix the problem for me, the only fix was to wait a good 4-5 hours & suddenly I was able to access google again. Even rebooting the pc was no help.

One possibly relevant pre-existing FF tweak I use is to force google to use google.com and not google.com.au (I get a more useful search results from the former compared to the local version).

more options

If you have Sophos installed it is the cause of the error. Set "security.tls.enable_0rtt_data" to "false". New zero round-trip TLS is broken by Sophos, need to tell Firefox to avoid it.

Details: https://bugzilla.mozilla.org/show_bug.cgi?id=1770742