Compare Revisions

If Firefox can't access a secure (https) site you'll get a "Secure Connection Failed" page. Learn the reasons this happens and what to do.

{for fx61} {warning}'''Avast and AVG users:''' If you see this error in [[Find what version of Firefox you are using|Firefox version]] 61 or above, please see the [[#w_avast-and-avg-security-products|solution given below]].<!-- https://bugzilla.mozilla.org/show_bug.cgi?id=1468892 -->{/warning} {/for} If Firefox can't access a secure site (one that starts with '''https''') you will see an error page with the heading ''Secure Connection Failed'' and a message about the error. *If you see the error message ''Your connection is not secure'', see the article [[What do the security warning codes mean?]]. * To troubleshoot other error messages, see [[Websites don't load - troubleshoot and fix error messages]]. __TOC__ = Secure connection cannot be established = When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure. If Firefox cannot establish a secure connection, you will see a ''Secure Connection Failed'' error page similar to the one shown below, with a description of the error, an option to report the error to Mozilla and a {button Try Again} button: ;[[Image:fx60SecureConnectionFailed-ErrorCode]] The error page will also include the following information: * ''The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.'' * ''Please contact the website owners to inform them of this problem.'' == Website issues == Some websites try using outdated (no longer secure) [http://wikipedia.org/wiki/Transport_Layer_Security ''TLS''] mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection. When this happens, you will see the ''Secure Connection Failed'' error page.<!-- See https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean/discuss/6480#post-13160 --> If you experience this problem, contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure. == Security software conflict == ===AVAST and AVG security products=== If you use a security product by [https://www.avast.com Avast] or [https://www.avg.com AVG], it may be intercepting secure connections by default. Avast and AVG products may not be ready for the most recent and secure [http://wikipedia.org/wiki/Transport_Layer_Security TLS] 1.3 specification used in the latest versions of Firefox. As a result, Firefox users may see intermittent ''Secure Connection Failed'' error pages with the error code <code>SSL_ERROR_RX_RECORD_TOO_LONG</code> on secure websites such as Google and others. As a workaround, you can disable the interception of secure connections in your AVAST or AVG settings: # Open the dashboard of your Avast or AVG application. # Go to {menu Menu} > {menu Settings} > {menu Components} and click {button Customize} next to {menu Web Shield}. # Uncheck the box next to {menu Enable HTTPS Scanning} and confirm this by clicking {button OK}. For more information, see [https://support.avast.com/en-us/article/189/ Managing HTTPS scanning in Web Shield in Avast Antivirus] on the Avast support site. <!-- commented out based on https://bugzilla.mozilla.org/show_bug.cgi?id=1468892#c50 --> <!-- Another workaround is to set Firefox not to try TLS 1.3: # [[T:aboutconfig]] # In the search box above the list, type or paste '''TLS''' and pause while the list is filtered # Double-click the {pref security.tls.version.max} preference to display a dialog where you can modify the value from '''4''' to '''3''' (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK.--> ===ESET and NOD32 security products=== If you use an [https://www.eset.com ESET] security product such as NOD32 Antivirus or ESET Internet Security, turning off one of the following settings and then turning it back on may help eliminate the error. *''Enable application protocol content filtering'' *''Enable SSL/TLS protocol filtering'' For detailed instructions, see [https://support.eset.com/kb3126 Disable SSL scanning in ESET Windows products] at ESET Support and [http://www.askvg.com/fix-secure-connection-failed-problem-in-mozilla-firefox-web-browser/ this AskVG.com article]. If you have questions or concerns about modifying these settings, please visit [http://support.eset.com/ ESET support].<!-- See https://support.mozilla.org/questions/1174146 and https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message/discuss/7169 --> ===Other security products=== Other security products that intercept secure connections by default can produce ''Secure Connection Failed'' and ''Your connection is not secure'' error pages on secure websites. For more information, see [[How to troubleshoot security error codes on secure websites#w_antivirus-products|this article's section on Antivirus products]]. = Certificate warnings = Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. For a list of certificate warnings and error codes, see the article [[What do the security warning codes mean?]]. == Incorrect date settings == If the date is not correct on your system, this can cause Firefox to detect that the website's security certificate is expired or invalid. You should ensure that your system clock is set to today's date and time{for win} (double-click the clock icon on the Windows taskbar){/for}. For information, see the article [[How to troubleshoot time related errors on secure websites]].