Compare Revisions

If a website requires a secure connection that cannot be established, Firefox will not connect and will show you an error page. Learn more.

This article explains why you may see a ''Secure Connection Failed'' or a ''Did Not Connect: Potential Security Issue'' error page and what you can do. *If you see a ''Warning: Potential Security Risk Ahead'' error page, see the [[What do the security warning codes mean?]] article. * To troubleshoot other error messages, see [[Websites don't load - troubleshoot and fix error messages]]. __TOC__ = Secure connection cannot be established = When a website that requires a secure ('''[https://wikipedia.org/wiki/HTTPS https]''') connection tries to secure communication with your computer, Firefox cross-checks this attempt to make sure that the [[Secure Website Certificate|website certificate]] and the connection method are actually secure. If Firefox cannot establish a secure connection, it will display a ''Secure Connection Failed'' or ''Did Not Connect: Potential Security Issue'' error page. == Secure Connection Failed == A ''Secure Connection Failed'' error page will include a description of the error, an option to report the error to Mozilla and a {button Try Again} button. There is no option to add a security exception to bypass this type of error. [[Image:fx60SecureConnectionFailed-ErrorCode]] The error page will also include the following information: * ''The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.'' * ''Please contact the website owners to inform them of this problem.'' == Did Not Connect: Potential Security Issue == Certain secure connection failures will result in a ''Did Not Connect: Potential Security Issue'' error page. [[Image:Fx67SecError-DidNotConnect]] The error page will include a description of the potential security threat, an option to report the error to Mozilla and an {button Advanced…} button to view the error code and other technical details. There is no option to add a security exception to visit the website. = Website issues = ==TLS version unsupported== Some websites try using outdated (no longer secure) [http://wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security] (''TLS'') mechanisms in an attempt to secure your connection. Firefox protects you by preventing navigation to such sites if there is a problem in securely establishing a connection.<!-- See https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean/discuss/6480#post-13160 --> Contact the owners of the website and ask them to update their TLS version to a version that is still current and still secure. '''Starting in [[Find what version of Firefox you are using|Firefox version]] 78, the minimum TLS version allowed by default is TLS 1.2.''' Websites that don't support TLS version 1.2 or higher will display a ''Secure Connection Failed'' error page with Error code: SSL_ERROR_UNSUPPORTED_VERSION and a message that ''This website might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox.'' [[Image:Fx78SecureConnectionFailed-TLS]] The error page may also include a button, {button Enable TLS 1.0 and 1.1} that will allow you to override the minimum TLS requirement. {note}'''Note:''' Mozilla plans to remove this option and permanently disable TLS 1.0 and 1.1 in a future version of Firefox. For more information, see [https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ this Mozilla page].{/note} ==HSTS required== Other websites may require [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#Description HTTP Strict Transport Security] (HSTS) and will not allow access with an insecure connection. = Security software conflict = Many security products use a feature that intercepts secure connections by default. This can produce connection errors or warnings on secure websites. If you see secure connection errors on multiple secure websites, updating your security product or modifying its settings may resolve the issue. See [[How to troubleshoot security error codes on secure websites#w_antivirus-products|this article's section on Antivirus products]] for help with specific security products that can produce these errors, such as [https://www.avast.com Avast], [https://www.avg.com AVG] and [https://www.eset.com ESET] software. {for win8,win10}Alternatively, you can uninstall third-party security software and use Windows Defender, the [https://www.microsoft.com/windows/comprehensive-security built-in] antivirus on Windows 8 and Windows 10.{/for} <!-- commented out based on https://bugzilla.mozilla.org/show_bug.cgi?id=1468892#c50 --> <!-- Another workaround is to set Firefox not to try TLS 1.3: # [[T:aboutconfig]] # In the search box above the list, type or paste '''TLS''' and pause while the list is filtered # Double-click the {pref security.tls.version.max} preference to display a dialog where you can modify the value from '''4''' to '''3''' (or, in other words, from TLS 1.3 to TLS 1.2) and then click OK.--> = Incorrect system clock = Firefox uses certificates on secure websites to ensure that your information is being sent to the intended recipient and can't be read by eavesdroppers. An incorrect system date can cause Firefox to detect that the website's security certificate is expired or invalid. Make sure your computer is set to the correct date, time and time zone. For more information, see [[How to troubleshoot time related errors on secure websites]]. = Other secure connection issues = These articles describe how to troubleshoot some specific secure connection errors: *[[Certificate Pinning Reports]]<br>Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE *[[Certificate contains the same serial number as another certificate]]<br>Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL For a list and brief description of other secure connection errors, see [https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/SSL_functions/sslerr.html NSS and SSL Error Codes] at MDN Web Docs.