Compare Revisions

If Firefox can't access a secure site (one that starts with https:) you will see an error page with the heading, "Secure Connection Failed", and a message about the error. This article will describe some of these error messages.

If Firefox can't access a secure site (one that starts with https:) you will see an error page with the heading, '''Secure Connection Failed''', and a message about the error. This article will describe some of these error messages. * If you see this heading without accessing a secure site, see [[Troubleshooting extensions and themes]]. * If you don't see this heading, see [[Error loading web sites]]. __TOC__ = SSL protocol has been disabled = {note}An error occurred during a connection to ''(site name)''. Can't connect securely because the SSL protocol has been disabled. (Error code: ssl_error_ssl_disabled){/note} If you see this error, see [[Firefox cannot connect securely because the SSL protocol is disabled]]. = The site uses an older, insecure version of the SSL protocol = {note}An error occurred during a connection to ''(site name)''. Can't connect securely because the site uses an older, insecure version of the SSL protocol. (Error code: ssl_error_ssl2_disabled){/note} If you see this error, see [[Firefox cannot connect securely because the site uses an older insecure version of the SSL protocol]]. = Certificate warnings = Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. == Certificate will not be valid until ''(date)'' == {note}''(site name)'' uses an invalid security certificate. The certificate is not trusted because the issuer certificate has expired. The certificate will not be valid until ''(date)''. (Error code: sec_error_expired_issuer_certificate){/note} This error can occur if your computer clock has the wrong date, in which case the date given in the error message will be in the past. To fix the problem, set your system clock to today's date and time{for win} (double-click the clock icon on the Windows Taskbar){/for}. == The certificate expired on ''(date)'' == {note}(site name) uses an invalid security certificate. The certificate expired on (date). (Error code: sec_error_expired_certificate){/note} This error occurs when a website's identity certification has expired. This error can also occur if your computer clock has the wrong date. To fix the problem, set your system clock to today's date and time{for win} (double-click the clock icon on the Windows Taskbar){/for}. == Certificate is only valid for ''(site name)'' == {note}''(site name)'' uses an invalid security certificate. The certificate is only valid for ''(site name)''. (Error code: ssl_error_bad_cert_domain){/note} This error is telling you that the certificate sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers, the recipient may not be who you think it is. A common situation is when the certificate is actually for a different part of the same site. For example, you may have visited https://example<!---->.com, but the certificate is for https://'''www.'''example<!---->.com. In this case, if you access https://'''www.'''example<!---->.com directly, you should not receive the warning. == The certificate is not trusted because it is self signed == {note}''(site name)'' uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_untrusted_issuer){/note} or {note}''(site name)'' uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_ca_cert_invalid){/note} Self-signed certificates make your data safe from eavesdroppers, but say nothing about who the recipient of the data is. This is common for intranet websites that aren't available publicly. == The certificate contains the same serial number as another certificate == {note}Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. (Error code: sec_error_reused_issuer_and_serial){/note} This error alerts you to the fact that the certificate the page you're visiting uses has a serial number identical to one you've already accepted. '''This warning cannot be bypassed using the method below.''' For more information and for instructions on how to work around this message, see the [[Certificate contains the same serial number as another certificate]] article. == The OCSP server has no status for the certificate == {note}An error occurred during a connection to ''(site name)''. The OCSP server has no status for the certificate. (Error code: sec_error_ocsp_unknown_cert){/note} If you see this error, see [[The OCSP server has no status for the certificate]]. == Bypassing the warning == You can tell Firefox to bypass these certificate warnings. You should only bypass the warning if you're sure that the site is legitimate. Legitimate public sites will '''not''' ask you to do this. An invalid certificate can be an indication of a web page that will defraud you or steal your identity. # On the warning page, click '''Or you can add an exception...'''. # Click {button Add Exception...}. The Add Security Exception dialog will appear. # Click {button Get Certificate}. # Read the text describing the problems with this site. # Click {button Confirm Security Exception} if you want to trust the site. [[Template:ShareArticle|link=http://mzl.la/LRo0Rj]]