Troubleshoot the "Secure Connection Failed" error message

No one has helped translate this article yet. If you already know how localizing for SUMO works, start translating now. If you want to learn how to translate articles for SUMO, please start here.

If Firefox can't access a secure site (one that starts with https) you will see an error page with the heading Secure Connection Failed and a message about the error.

Secure connection cannot be established

When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure. If Firefox cannot establish a secure connection, you will see an error page similar to the one shown below, with a description of the error and an option to report the error to Mozilla:


Website issues

Some websites try using out-dated (no longer secure) TLS mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. When this happens, you will see a the Secure Connection Failed error page. If you experience this problem, contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure.

Security software conflict

If you use an ESET security product such as NOD32 Antivirus or ESET Internet Security, turning off one of the following settings and then turning it back on may help eliminate the error.

  • Enable application protocol content filtering
  • Enable SSL/TLS protocol filtering

For detailed instructions, see this article. If you have questions or concerns about modifying these settings, please visit ESET support.

Avast users (and perhaps some others) are getting intermittent Secure Connection Failed errors with the error code SSL_ERROR_RX_RECORD_TOO_LONG (these errors often clear up after reloading the page a few times). One workaround would be to modify the Avast/AVG Web Shield settings to not scan secure connections. For more information, see Managing HTTPS scanning in Web Shield in Avast Antivirus on Avast support site.

Another workaround is to set Firefox not to try TLS 1.3:

  1. In the address bar, type about:config and press EnterReturn.

    • The about:config "This might void your warranty!" warning page may appear. Click I'll be careful, I promise!I accept the risk! to continue to the about:config page.
  2. In the search box above the list, type or paste TLS and pause while the list is filtered
  3. Double-click the security.tls.version.max preference to display a dialog where you can modify the value from 4 to 3 (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK.

There is at least one thread on the Avast forums about this issue: Reporting a minor bug with firefox, broken SSL connexions.

Certificate warnings

Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. For a list of certificate warnings and error codes, see the article What does "Your connection is not secure" mean?.

Incorrect date settings

If the date is not correct on your system, this can cause Firefox to detect that the website's security certificate is expired or invalid. You should ensure that your system clock is set to today's date and time (double-click the clock icon on the Windows Taskbar). For information, see the article How to troubleshoot time related errors on secure websites.

Was this article helpful? Please wait...

These fine people helped write this article: AliceWyman, Bo102010, philipp, jscher2000, Underpass, Tonnes, Michele Rodaro, Michael Verdi, scoobidiver, Swarnava Sengupta, ideato, Tyler Downer, Wesley Branton, Artist, mwrr. You can help too - find out how.