Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

connection partially encrypted after reloading tabs at startup

  • 3 replies
  • 8 have this problem
  • 1 view
  • Last reply by guigs

more options

After restoring a session tabs with secure connections often indicate problems with SSL connections.

I noticed this with google+, gmail and service-now.com.

Both Firefox and the calomel SSL validation add-on indicate that the connection is not secure. Firefox shows that the connection is partially secure but Calomel warns about a broken or untrusted connection (0%).

Simply refreshing the page (by selecting the URL and pressing enter) solves the issue. After this the connection is considered secure again by both the Firefox URL icon and the Calomel add-on.

The problem cannot 100% be reproduced but it happens almost every time the browser has been closed for a longer period of time (usually when I've logged off).

So far I have only seen this for sure using Firefox portable on Windows 7.

After restoring a session tabs with secure connections often indicate problems with SSL connections. I noticed this with google+, gmail and service-now.com. Both Firefox and the calomel SSL validation add-on indicate that the connection is not secure. Firefox shows that the connection is partially secure but Calomel warns about a broken or untrusted connection (0%). Simply refreshing the page (by selecting the URL and pressing enter) solves the issue. After this the connection is considered secure again by both the Firefox URL icon and the Calomel add-on. The problem cannot 100% be reproduced but it happens almost every time the browser has been closed for a longer period of time (usually when I've logged off). So far I have only seen this for sure using Firefox portable on Windows 7.

All Replies (3)

more options

This sounds like the about config feature browser.sessionstore.privacy_level

If it is set to 1 when you restore a session it Stores extra session data for unencrypted (non-HTTPS) sites only. So since you are asking about partially encrypted paged I am not sure. Can you please clarify "partial encryption"?

I wonder if it is because by default browser.sessionrestore.privacy_level_deffered is set to 1: http://zpao.com/posts/restore-previous-session/ which is HTTPS only. Would partial mean http and https?

more options

If I click the exclamation mark icon the Technical details indeed says "Connection is Partially Encrypted".

browser.sessionstore.privacy_level is set to 0 and browser.sessionstore.privacy_level_deferred is set to 1

Lately the problem is getting worse. If I open gmail the connection is secure but when I opened emails in gmail the connection was broken (I got the exclamation mark and alert from calomel) every time. Now it remains secure. I can't think of anything that would explain the difference in behaviour. It's a pain but I'll try to clean up my session (not save tabs etc.) to see if that makes a difference.

Modified by m8ram

more options

You may be able to check to make sure that the defualt ssl and tsl versions in firefox are not blocking the sites by checking the protocols used/detected with this: https://www.ssllabs.com/ssltest/index.html

It looks like there is an issuer: Entrust.net Certification Authority (2048) and TLS 1.1 is not used.

Does it help to set these two prefs to 0 (zero) on the about:config page to disable TLS?

   *security.tls.version.min = 0
   *security.tls.version.max = 0