Firefox 68.0 esni (encrypted sni) error

I use Firefox 68.0 with “” about:config flag enabled. I pass the tests in “” (except Secure DNS because I use instead of it also supports DoH) and sometimes when I visit sites which supports esni (all TLS 1.3 Cloudflare sites) I see the error “SSL_ERROR_MISSING_ESNI_EXTENSION” and have to refresh to enter the site. Any help or idea why this happens?

1 Like

Google turns up this result (disabling their local anti-virus fixed it):

I don’t use any anti-virus software or Windows Defender etc. I am running GNU/Linux. I am really interested in the root cause of this problem. Is this a problem with Cloudflare not supporting any other DoH DNS with ESNI or a problem in Firefox or a problem with nextdns? :thinking:

I first contacted nextdns about it, thought it was a problem with DNS then I noticed that it has somethinng to do with ESNI because it only happens in sites which uses TLS 1.3 and Cloudflare (AFAIK Cloudflare is still the only ESNI provider)

So I can say it has nothing to do with nextdns. Its either a problem if someone uses another DoH supported DNS other than or a problem in Firefox, not sure. I will switch to and see if I have problems.

Edit: I also see it with


I do have the same issue, I also reported it to Mozilla in order to check from their side.
I have Firefox version 68.0 and I activated DoH and ESNI from “about:config” in Firefox.

Here are the changes that I did:


With those settings, some websites are working fine no problem at all, but some others are issuing this errir message: SSL_ERROR_MISSING_ESNI_EXTENSION
And in order for me to get access to this website I have to set the value of “” to “false”.

Can you please investigate if that is a problem from your side (Cloudflare) or maybe Mozilla?
I do have this error occuring when visiting this site for example:

Thanks in advance for your help!

1 Like

Great, after some thinking :thinking: I realized that I started to see if after I have upgraded to Firefox 68.0. I also created a new Firefox Profile and same happened. Looks like a problem in Firefox. Will also play with Firefox Nightly and see if I have this problem over there. @Snoobz can you share the link where you have to reported Mozilla?


Here is the link to the BugZilla website where I reported that issue @firefoxesni

I hope that I reported it in the correct section…

1 Like

Go figure…this just bit me. Rocket Loader from wouldn’t load due to this.

Update: And if that isn’t confusing enough, I don’t get this error on a different site using Rocket Loader.

Some more info:

I was wrong about nextdns. It mostly happens when I use nextdns, rarely happens when I use currently I am using and never saw it again. So it is probably a DNS provider problem. I had not these errors before Firefox 68.0 maybe also a change was made to the browser. I really don’t know. Since we are on Cloudflare forum I would like some information about if it has some problem or not. Else there is no need to discuss other services or Firefox here. @Snoobz can you also try to use blahdns and report back?



@firefoxesni Hello,

So I tried your settings and it does the same exact error.

There were some mistake in your example

network.trr.bootstrapAddress; or or

Cuz network.trr.bootstrapAddress will use this DNS IP to do first time resolve and get to know this DoH is pointing to IP:
Second is wont support plain text UDP 53 DNS, so it doesnt make sense put IP: as network.trr.bootstrapAddress.


  1. ( network.trr.bootstrapAddress)

This topic was automatically closed after 30 days. New replies are no longer allowed.