How can I save my modifications to security.tls.insecure_fallback_hosts? They won't save.
Here's some context. I'm having problems with a corporate website. I get the following error message:
Secure Connection Failed
The connection to the server was reset while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
I've browsed the forums and came across the security.tls.insecure_fallback_hosts tweak. However, whenever I add the URL/domain/host I'm having the issue with and visit the website, the security.tls.insecure_fallback_hosts rolls back my entry and removes the URL/domain/host I manually added. Ironically enough, if I add multiple URL/domain/host, separated by commas, the URL/domain/host I'm having an issue with disappears, and the rest remains the same.
所有回复 (2)
Hi, please see if this helps : There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connections and send their own certificate. You would need to update what ever A/V is being used and to look in the forums of the A/V to see if others having a issue.
- https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can
- https://support.mozilla.org/en-US/kb/firefox-and-other-browsers-cant-load-websites
- https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message
- https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
- http://kb.mozillazine.org/Error_loading_websites
Please let us know if this solved your issue or if need further assistance.
Hmm, why would it be removed? Perhaps the host requires HTTP Strict Transport Security (HSTS). I don't know whether that affects the fallback list. If it does, Firefox may have learned that from a previous visit to the site (recorded in a file) or it may be on Google's HSTS preload list, which Firefox is now using as well.
What's wrong with the site's security configuration? Can you share the server address or have you run it through a test site such as: