Firefox 'Secure Connection Failed'

I see a generic “Secure Connection Failed - The page you are trying to view cannot be shown because the authenticity of the received data could not be verified” error when trying to connect to using Firefox 89.0 (64-bit).

Doing a forced refresh loads the HTML but no assets. They all show as 0 B transferred. At that point, Firefox displays a valid SSL connection with a signed Cloudflare certificate.

Of note:

  • SSL is set to ‘Full’ at Cloudflare with an active universal certificate.
  • Always Use HTTPS, Automatic HTTPS Rewrites and TLS 1.3 are on
  • I’m on macOS and no other browsers (Safari / Chrome / Brave / wget / curl) exhibit this issue.
  • Firefox on other networks and other countries has the same issue (I’m in NZ and have had reports from fellow Kiwis, and from as far away as Argentina) BUT
  • The site loads fine when I connect via a VPN. Weird…
  • System time is OK.
  • HSTS (Strict-Transport-Security) is enabled in Cloudflare.
  • SSL Server Test (Powered by Qualys SSL Labs) gives an A+ rating.

The security tab in dev tools shows the following after a forced refresh shows the HTML:
“Connection:”: {
“Protocol version:”: “TLSv1.3”,
“Cipher suite:”: “TLS_AES_128_GCM_SHA256”,
“Key Exchange Group:”: “x25519”,
“Signature Scheme:”: “ECDSA-P256-SHA256”
“Host”: {
“HTTP Strict Transport Security:”: “Enabled”,
“Public Key Pinning:”: “Disabled”
“Certificate:”: {
“Issued To”: {
“Common Name (CN):”: “”,
“Organization (O):”: “Cloudflare, Inc.”,
“Organizational Unit (OU):”: “”
“Issued By”: {
“Common Name (CN):”: “Cloudflare Inc ECC CA-3”,
“Organization (O):”: “Cloudflare, Inc.”,
“Organizational Unit (OU):”: “”
“Period of Validity”: {
“Begins On:”: “23 July 2020”,
“Expires On:”: “24 July 2021”
“Fingerprints”: {
“SHA-256 Fingerprint:”: “stuff”,
“SHA1 Fingerprint:”: “stuff”
“Transparency:”: “”

I’m seeing similar behavior for your site.
How long have you had this domain on Cloudflare?

The domain has been there for years.

I think I have the answer though - disabling HTTP/3 (with QUIC) has done it. Maybe going via a VPN downgraded it to HTTP/2 and that’s why it worked.

1 Like

That’s interesting because I use Firefox 89 with QUIC and haven’t had this problem viewing my sites.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.