Secure Connection Failed

Krusty13 · March 13, 2015, 7:50pm

Trying again with IE11 - unable to post with FF.

Secure Connection Failed

The connection to the server was reset while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.

I keep getting this while trying to navigate Norton Community with Firefox today.

akshat1984 · September 19, 2016, 3:01pm

This is a very common problem that users face in Firefox. But there are solutions which can fix this problem http://www.akshatblog.com/fix-secure-connection-failed-error-in-firefox/

David1776 · May 6, 2016, 9:00pm

OK thanks will do that.

floplot · May 6, 2016, 8:25pm

Hello David

It wouldn't hurt to run Live Update manually at least daily. Sometimes there are updates where you need to run Live Update in order to get them and also to get the other parts of an update. Sometimes also the Automatic Update fails and should be run again.

Thanks.

David1776 · May 6, 2016, 1:03pm

Well Norton's shouldn't be an issue I think as I downloaded the latest copy when I installed Win 10 and I do have it set to auto update so I would assume it updates things like this as time goes by. So is most likely just as you said just out of date certificates in this specific sites.

lmacri · May 6, 2016, 12:42pm

David1776:

Problem is in the last 2 weeks I have started to see more of a SECURE CONNECTION FAILED error message. Up until then it was rare if I did, But I know for example I was on Facebook playing a game fine and now that game has started to get this error when I load it (Loads fine on a refresh just not the first time) Then on Youtube I noticed it again on I think a google ads listing as the link in the error message pointed at one of googles pages....

Hi David1776:

As noted before, if you see this Secure Connection Failed error on only a small number of secure websites (where the URL begins with "https://") it's likely an issue with outdated certificates / connection protocols on the backend server. Secure Sockets Layer (SSL 3) is an old protocol and most servers use the newer Transport Layer Security (TLS 1.0, TLS 1.1 or TLS 1.2) protocol. When you connect to the server you should be offered the latest protocol (normally TLS 1.2) but if the "handshake" between your browser and the server fails you will be offered an earlier protocol. Firefox, Chrome and IE11 disabled support for SSL 3 several months ago but if the initial handshake fails and SSL 3 hasn't been disabled on the backend server it might result in an attempted connection via SSL 3 and a Secure Connection Failed error. That's just speculation on my part, but a refresh might be solving your problem because the second handshake offers a new connection using a more secure TLS protocol.

If you start seeing this is error on a wide number of sites post back and let us know the version number of your Norton Internet Security [go to Help | About (or Support | About for older versions) from the main GUI - the latest version is currently v22.6.0.142], your Windows OS, and your Firefox browser version (currently v46.0.1) and we'll see if we can isolate the cause. Adblock Plus also received a recent update to v2.7.3, so make sure all your browser extension are up-to-date as well, since the majority of your errors seem to occur on Facebook and YouTube.
-------------
32-bit Vista Home Premium SP2 * Firefox v46.0.1 * NIS v21.7.0.11 * MBAM Premium v2.2.1

David1776 · May 6, 2016, 12:37am

Hi

Well I wouldn't understand most of what is spit out. Is more about why the error but at least makes sense that it's most likely a website issue if SSL policies have changed and such.

Thanks yes been using the same Ad Blocker Plus for years and love it. Hate having lots of flashing ads trying to gain your attention when you are trying to read an article or something!

Dave

lmacri · May 6, 2016, 12:33am

Hi David1776:

Just an afterthought, but if you haven't already done so you might want to install an ad blocker extension to your Firefox browser for additional protection. I've installed Adblock Plus in Firefox and use the default EasyList filter described at https://adblockplus.org/en/features to block ads. The only important configuration change I've made is to disable the display of "acceptable" ads (Filter Preferences | Filter Subscriptions | Allow some non-intrusive advertising | disable). The FAQ <here> notes that Adblock Plus will automatically block ads on both YouTube and Facebook.
-------------
32-bit Vista Home Premium SP2 * Firefox v46.0.1 * NIS v21.7.0.11 * MBAM Premium v2.2.1

lmacri · May 5, 2016, 11:45pm

Hi David1776:

If your problem is related to an outdated certificate or security protocol then this is something that should be addressed by the website owner. Just out of curiosity I ran https://googleads.g.doubleclick.net/ through the Qualys SSL Server Test and the results can be viewed at https://www.ssllabs.com/ssltest/analyze.html?d=googleads.g.doubleclick.net&s=216.58.195.226. The overall result was a Grade B (This server uses SSL 3, which is obsolete and insecure / Intermediate certificate has a weak signature. Upgrade to SHA2 as soon as possible to avoid browser warnings).

It's also possible Google's DoubleClick is attempting to display an ad from an insecure (or even malicious) source when you're playing your Facebook game. I've seen workarounds posted in the Facebook and Firefox support forums on how to temporarily disable certificate validation in Firefox but I would never advise that someone do this - especially since your game will run after you refresh your page.

If you're interested, there is also a Qualys SSL Client Test that analyses the SSL/TLS capabilities of your browser and checks for vulnerabilities to common exploit attacks. If I browse to this test site with my IE9 browser, the latest available version of IE for my Vista OS, it reports the following warning. This is one reason why I use Firefox (which supports TLS 1.2) as my default browser.

-------------
32-bit Vista Home Premium SP2 * Firefox v46.0.1 * NIS v21.7.0.11 * MBAM Premium v2.2.1

David1776 · May 5, 2016, 9:59pm

Hi

So is this something then that will have to be addressed by individual websites for the time going forward or is there a user involved solution until everyone is caught up with this change in policy?

Dave

lmacri · May 5, 2016, 6:23pm

Hi David1776:

This might be related to a recent policy change in Microsoft's Root Certificate Program that requires certificate authorities (CAs) to stop issuing SSL and coding certificates signed with the SHA-1 hashing algorithm as of January 1, 2016. The Microsoft Security Advisory Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program notes that "Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks" and CAs have been asked to migrate customers with SHA-1 certificates expiring after December 31, 2015 to more secure SHA-2 (e.g., SHA-256) certificates. See the thread NEW FIREFOX 43.0.2 for links to additional information.

The Mozilla support article Troubleshoot the "Secure Connection Failed" error message states in part:

"When a website you visit attempts to secure communication between your computer and the website, Firefox cross-checks this attempt to ensure that the certificate and the method the website is using are actually secure."
-------------
32-bit Vista Home Premium SP2 * Firefox v46.0.1 * NIS v21.7.0.11 * MBAM Premium v2.2.1

Secure Connection Failed

Announcements