Secure Connection Failed Mozilla version 48
Hello, I am start getting "Secure Connection Failed" on company Citrix sites https://citrix.cogecodata.net/lp/allusers/Logon.do https://qticsg.quiettouch.com/ How I can fix it locally on my Mozilla version 48 or I have downgrade the Mozilla version? I am using Kaspersky Antivirus and those sites are in exception list already. Thank you Mario
All Replies (3)
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate.
http://www.ehow.com/how_11385212_troubleshoot-reset-connection-firefox.html
https://support.mozilla.org/en-US/kb/server-not-found-connection-problem
https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
http://kb.mozillazine.org/Error_loading_websites
https://www.bing.com/search?q=web+site+access+denied
https://support.mozilla.org/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
This Connection is Untrusted is sometimes caused because the computer system clock is wrong. Check the time / date / time zone settings.
Those links give me:
SSL_ERROR_NO_CYPHER_OVERLAP
When I test the domains using this tool:
https://www.ssllabs.com/ssltest/
They score an "F" for connection security.
Their testbed was not able to connect using Firefox 46 or 47, Chrome 51, Edge, or Internet Explorer 11. Basically, this site is unusable in modern browsers due to how bad its security is.
So the administrator should update these sites ASAP if it is important that users have secure connections and that the site be able to trust those connections. Maybe they don't handle important enough data to worry about that.
Modified
If your company believes you should use these servers despite the risk that no communications are actually private -- due to the combination of TLS 1.0 and RC4 cipher -- Firefox does have a mechanism to allow the specific servers:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste TLS and pause while the list is filtered
(3) Select (for example, triple-click) and copy the following line:
citrix.cogecodata.net,qticsg.quiettouch.com
(4) Double-click the security.tls.insecure_fallback_hosts preference and:
(A) If the preference currently has some value, add a comma to the end and then paste the additional text and click OK
(B) If the preference does not have any value, paste and click OK
To test, reload the insecure pages using Ctrl+Shift+r to bypass the cache.
Added a screenshot
Modified