Secure Connection Failed
Firefox couldn’t establish a trusted TLS connection. The sub-code under “Advanced” tells you why — no shared protocol or cipher, an untrusted issuer, or an interfering proxy or antivirus. (Cipher/protocol errors show “Secure Connection Failed”; trust errors like SEC_ERROR_UNKNOWN_ISSUER show “Potential Security Risk Ahead”.)
Common causes
- No common protocol or cipher between Firefox and the server (
SSL_ERROR_NO_CYPHER_OVERLAP) — usually an outdated server configuration. - The certificate’s issuer isn’t trusted (
SEC_ERROR_UNKNOWN_ISSUER) — typically a missing intermediate or a private CA. - Antivirus HTTPS scanning injecting a root that Firefox’s separate trust store doesn’t have.
- A
security.tls.*preference inabout:configwas changed.
How to fix it
- 1
Open “Advanced” on the warning page and read the exact error code — it determines the fix.
- 2
For
SSL_ERROR_NO_CYPHER_OVERLAP, fix the server to offer TLS 1.2/1.3 and modern ciphers. Confirm what it accepts:openssl s_client -connect example.com:443 -tls1_2 </dev/null - 3
For
SEC_ERROR_UNKNOWN_ISSUER, serve the full certificate chain (leaf + intermediates) and reload — the same fix asUNABLE_TO_VERIFY_LEAF_SIGNATURE. - 4
Firefox keeps its own trust store. If antivirus HTTPS scanning is the cause, enable the antivirus’s Firefox integration or turn off HTTPS scanning, and reset any changed
security.tls.*prefs inabout:config.
Catch these before your users do
SSLNudge detects Secure Connection Failed and expiry issues daily and alerts you.