Hi, I I receive a "Secure Connection Failed" warning when trying to access a site that I know is trust worthy. The website is https://www.planet.snb.ca. Thanks
I I receive a "Secure Connection Failed" warning when trying to access a site that I know is trust worthy. The website is https://www.planet.snb.ca.
the error is as follows: "The connection to www.planet.snb.ca was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem."
Chosen solution
It works for me if I add this domain to the security.tls.insecure_fallback_hosts pref and the www.planet.snb.ca domain. You may have to add more domains if you keep getting an error message when opening pages to different domains.
Read this answer in context 👍 6All Replies (11)
This is because this website uses old and insecure protocols to secure itself. You can see a full report at https://www.ssllabs.com/ssltest/analyze.html?d=planet.snb.ca
Please contact the website owners and send them a copy of the above report. They then need to do some serious work on updating their site's security.
The site is owned by the Province of New Brunswick, I can access this from IE with no trouble. Tried adding the site to exceptions but no luck. Something has changed in Firefox, as it worked a while ago. Is there anything I can do on my end? I understand the risk, as there will be none with this site.
The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
- security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain (www.planet.snb.ca) to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.
If this helps then you can contact this website and ask them to look into this.
Thank you but I have already tried that, with no luck.
This website only supports TLS 1.0, which is a VERY old technology. It needs to support TLS 1.2. All browsers will eventually be disabling support for TLS 1.0, and even though you trust the site your information can be intercepted by malicious third-parties. You need to complain to the website and tell them to update their security.
Thanks Tyler but you are talking to a guy that still has a computer in the office running Windows 2000! The province is always behind and it will take forever to get them to change this. Is there any setting I can perform in my Firefox browser(37.0.2) to allow me to access this site. I need this for my work. If not I will have to resort to using IE just for this site, which I dislike. thanks again, Brent
There is no safe way to enable Access to this site. Use IE (until this is disabled in IE, which it will be soon) and complain to the site to ask them to update. All browsers will eventually stop working on this site. The site needs to update, not you.
Chosen Solution
It works for me if I add this domain to the security.tls.insecure_fallback_hosts pref and the www.planet.snb.ca domain. You may have to add more domains if you keep getting an error message when opening pages to different domains.
Thanks Cor-el that worked! I was using the full name with "https://" as the prefix and that is why it was not working. Take Care
Modified
I cannot understand any of this, I even tried to sign up for an account with Mozilla and I suddenly got this message that the site was no secure. I'm sick of this as I'll be in the middle of something and suddenly I'm out and can't get back in. Perhaps I need a different browser or someone who can speak to me in a lingo I understand.
Hi cschiffer
You can check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- Click the link at the bottom of the error page: "I Understand the Risks"
- Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate"
- Click the "View" button and inspect the certificate and check who is the issuer.
You can see more details like the intermediate certificates that are used in the Details tab.
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open this chrome URI by pasting or typing this URI in the location/address bar to open the "Add Security Exception" window and check the certificate:
- chrome://pippki/content/exceptionDialog.xul
In the location field type/paste the URL of the website
- retrieve the certificate via the "Get certificate" button
- click the "View..." button to inspect the certificate in the Certificate Viewer
Check who is the issuer of the certificate.
You can inspect more details like the certificate chain in Details tab of the Certificate Viewer.
Can you attach a screenshot of the Certificate Viewer window?
- http://en.wikipedia.org/wiki/Screenshot
- https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem
- Use a compressed image type like PNG or JPG to save the screenshot
- Make sure that you do not exceed the maximum size of 1 MB