Since installing Firefox 33 a 'Secure Connection Failed' error is no longer bypassable using the
'I Understand the Risks' button - it's gone!

• How To Fix Insecure Connection On Firefox
• How To Establish Secure Connection

Page 1 of 4 - HOW COME all of a sudden my 'Connection is Not Secure' - posted in Am I infected? What do I do?: Im really getting ticked off and suspicious - for over a month now I frequently get.

Is it still somehow possible to ignore certificate errors? (e.g. for lazy use in local environments)
_{Error code: sec_error_invalid_key}

• Firefox 52 Insecure Connection Fix. This is okay, when working with logins on your own computer or when working with logins in your own private local network. When the login form is on a server in the internet or some other public or workplace network, make sure to enable and use https for the site so that login information is not sent without encryption.
• At the top of the Firefox window, click on the Firefox button and then select ExitAt the top of the Firefox window, click on the File menu and then select ExitOn the menu bar, click on the Firefox menu and select Quit FirefoxAt the top of the Firefox window, click on the File menu and select Quit.

RienNeVaPlu͢sRienNeVaPlu͢s

7 Answers

How To Fix Insecure Connection On Firefox

Open Firefox's about:config

Set security.tls.insecure_fallback_hosts = www.domain.com (substitute the domain you're having the problem with)

Reload the page

This problem has been reported to Mozilla in their support forum.

The reason is that Firefox 33 has fully switched to the more strict libPKIX and you can no longer disable this library and fall back to the previous NSS code.

See related Mozilla blog post and bug:

Bug 975229 - Remove NSS-based certificate verification

It appears that they will not change this behavior.

If your problem is like mine, on a webmin site, try recreating the certificate from inside webmin. It helped me get back the 'make security exception' in FF 33.0!

Fowl

I had the same issue with Webmin and firefox 33. When I looked at the SSL certificate that Webmin was using, I found that it was using a 512 bit key! This must have been the default key size when I installed Webmin a couple of years ago.

Firefox 33 no longer supports keys less than 1024 bits (with good reason). See site compatibility

You can fix this right from Webmin if you use another browser that lets you bypass this type of error or if you temporarily disable SSL in webmin by setting ssl=0 in /etc/webmin/miniserv.conf and restart webmin with '/etc/init.d/webmin restart'. Just login to the Webmin web UI and select: Webmin -> Webmin Configuration -> SSL Encryption -> Self Signed Certificate. Fill in the form (or leave the defaults) and then click the Create Now button. If you temporarily disabled ssl enable it with ssl=1 in /etc/webmin/miniserv.conf and restart webmin with '/etc/init.d/webmin restart'. This will update your self-signed certificate for Webmin and you will now be able to access the page from Firefox 33 (With the usual browser warning about an untrusted connection).

Tried suggestion by @wisbucky but needed browser restart to bypass 'Secure Connection Failed' error.

Steps followed were -

Open Firefox's config by typing following in address bar -

about:config

Search for security.tls.insecure_fallback_hosts and set it to

security.tls.insecure_fallback_hosts = hostname of site throwing error

For messages about a weak DH key, try toggling the following preferences (in Firefox's about:config):

• security.ssl3.dhe_rsa_aes_128_sha
• security.ssl3.dhe_rsa_aes_256_sha

This solved a 'Secure Connection Failed' error I was seeing:

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

palswimpalswim

The webmin initial self ssl key is 512 byte

Solutions: using chrome or firefox , login in webmin , in webmin configuration ->SSL Encryption->Self-Signed Certificate

create a new SSL key and certificate for your Webmin server , the RSA key select default (2048), and make sue 'Use new key immediately'

then you can using IE access Webmin

Another potential fix worth noting: In your about:config, your user profile may have some settings that have been corrupted.

One in particular that was noted here: security.tls.version.max

In particular, the discussion at the linked site points out that somehow the security.tls.version.max setting had been changed from its original value (3) to the new value of 1, and after that change, the user was not able to connect to certain sites that needed the newer Transport Layer Security.

One easy way to check if this is happening without first mucking around with your about:config is to try creating a fresh profile, by running firefox -P and then creating a new profile, and see if you can successfully visit the site.

protected by Community♦Oct 28 '14 at 3:50

Thank you for your interest in this question. Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?

Not the answer you're looking for? Browse other questions tagged firefoxcertificate or ask your own question.

I'm really getting ticked off and suspicious - for over a month now I frequently get the message 'Your Connection is not Secure' for sites like my bank that I know darn well are secure - and many other sites --- TOO MANY to be an accident.
I have Firefox browser and I'm getting ready to throw it in the can - it used to present me with a way to go around it - to go to advanced and agree basically to say 'I know this isn't secure but I want to go anyway' but now I can't even do that - now I get an error code ---
It says 'Go Back' basically ordering me not to advance further.
I'm really fed up with Firefox - its seriously impacting my use of my computer because I have sites I want to go to and Firefox is not letting me go there.
WHY ALL OF A SUDDEN is this happening and WHY can I no longer agree to their stupid 'I accept the risk' and go to the site.

How To Establish Secure Connection

Is this some kind of censorship? I keep hearing about interference with accessing the web and I do not understand but like I said I know for a fact my bank site is secure but that's one I get the message on and frankly this is b.s.
Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum, at the suggestion of member that was helping OP. ~ Animal

Edited by Animal, 26 March 2016 - 10:49 PM.
Moved fro Win 8/8.1 to Web browsing etc applications