為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

"The connection to the server was reset while the page was loading." when loading intranet HTTPS site

  • 2 回覆
  • 1 有這個問題
  • 1 次檢視
  • 最近回覆由 g.kostov

more options

I just installed an Enterprise Root CA in Active Directory Integrated mode. I issued an certificate to one of our servers. Everything worked fine. IE 11 and Chrome have no problem opening my test intranet site. However Firefox keeps giving me this error:

  Secure Connection Failed
  The connection to the server was reset while the page was loading.
      The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
      Please contact the website owners to inform them of this problem.

I imported my Root CA certificate in Firefox but it didn't help. I played several times with certificate options while issuing the certificate, but none of them helped. In IE and Chrome my test site worked OK under all options.

The current options of test site's certificate are as follows:

Version: V3 Signature algorithm: sha512RSA Signature hash algorithm: sha512 Issuer: <my Root CA> Valid from: 23.01.2017, 14:36 Valid to: 23.01.2019, 14:46 Subject: <my server's fqdn> Public key: RSA (2048 bits) Enhanced key usage: Server Authentication Subject Alternative Name: DNS=<my server's fqdn>&DNS=<my server's hostname> Key Usage: Digital Signature, Key Encipherment (a0)

My Root CA's certificate has these options:

Version: V3 Signature algorithm: sha512RSA Signature hash algorithm: sha512 Issuer: <my Root CA> Valid from: 23.01.2017, 14:28 Valid to: 23.01.2019, 14:38 Subject: <my Root CA> Public key: RSA (2048 bits) Certificate template: CA Key Usage: Digital Signature, Certificate Signing, Off-line CRL Signing, CRL Signing (86)

The CA, Test web server, and Firefox browser are all on the same Windows 2012 R2 machine. I tried Firefox browser on two other computers - no difference. Server's security protocols are configured (using IIS Crypto 2.0) as follows:

 Protocols: TLS 1.0, TLS 1.1, TLS 1.2
 Ciphers: 3DES 168, AES 128, AES 256
 Hashes: SHA256, SHA384, SHA512
 Key Exchanges: Diffie-Hellman, PKCS, ECDH

Since mots of user's at my place prefer Firefox, I have to find a solution for this problem before launching my CA in production. So your cooperation would be highly appreciated!

Best regards George

I just installed an Enterprise Root CA in Active Directory Integrated mode. I issued an certificate to one of our servers. Everything worked fine. IE 11 and Chrome have no problem opening my test intranet site. However Firefox keeps giving me this error: Secure Connection Failed The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. I imported my Root CA certificate in Firefox but it didn't help. I played several times with certificate options while issuing the certificate, but none of them helped. In IE and Chrome my test site worked OK under all options. The current options of test site's certificate are as follows: Version: V3 Signature algorithm: sha512RSA Signature hash algorithm: sha512 Issuer: <my Root CA> Valid from: 23.01.2017, 14:36 Valid to: 23.01.2019, 14:46 Subject: <my server's fqdn> Public key: RSA (2048 bits) Enhanced key usage: Server Authentication Subject Alternative Name: DNS=<my server's fqdn>&DNS=<my server's hostname> Key Usage: Digital Signature, Key Encipherment (a0) My Root CA's certificate has these options: Version: V3 Signature algorithm: sha512RSA Signature hash algorithm: sha512 Issuer: <my Root CA> Valid from: 23.01.2017, 14:28 Valid to: 23.01.2019, 14:38 Subject: <my Root CA> Public key: RSA (2048 bits) Certificate template: CA Key Usage: Digital Signature, Certificate Signing, Off-line CRL Signing, CRL Signing (86) The CA, Test web server, and Firefox browser are all on the same Windows 2012 R2 machine. I tried Firefox browser on two other computers - no difference. Server's security protocols are configured (using IIS Crypto 2.0) as follows: Protocols: TLS 1.0, TLS 1.1, TLS 1.2 Ciphers: 3DES 168, AES 128, AES 256 Hashes: SHA256, SHA384, SHA512 Key Exchanges: Diffie-Hellman, PKCS, ECDH Since mots of user's at my place prefer Firefox, I have to find a solution for this problem before launching my CA in production. So your cooperation would be highly appreciated! Best regards George

所有回覆 (2)

more options

What cipher suite use the other programs and what cipher suites does the server offer to browsers?

If weak and unsafe cipher suites are supported then Firefox or possibly security software might terminate the connection.

more options

cor-el said

What cipher suite use the other programs and what cipher suites does the server offer to browsers? If weak and unsafe cipher suites are supported then Firefox or possibly security software might terminate the connection.

As i said in first question, server is configured to use 3DES 168, AES 128, AES 256. Chrome reports "AES_256_GCM" as used cipher.

Meanwhile I tried to reproduce the problem on another Intranet server, and it worked fine there. I requested certificate with the same options from the same CA, and when installed it worked fine with Firefox too. I'll investigate to find differences between two servers, but in general the problem is most likely in server configuration. The fact that only Firefox was affected led me to search resolution here, but obviously there is another reason in the server which had to be found yet.

Thanks for cooperation.

由 g.kostov 於 修改