Secure Connection Failed with no specific error code
I have an HCL BigFix WebReports server setup behind an AWS ALB with SAML authentication using Okta. Once successful SAML authentication occurs, Firefox throws the below attached secure connection failed page. The page loads fine with Chrome, IE, Edge Things I've tried: 78.5.0esr and 83.0 on a windows machine with NO antivirus installed Clearing all cache Using private windows Complete uninstall & reinstall
spun up a clean windows VM loaded FF (with & without the below settings changed)
I have referenced https://www.clickssl.net/blog/secure-connection-failed-firefox with no success. About:config => security.ssl.enable_ocsp_stapling changed to false with no success security.enterprise_roots.enabled changed to true with no success configured the above options one at a time and both at the same time I have also run the following to verify SSL is working C:\Users\>curl -vk https://patch.emp.nwnit.com
All Replies (5)
There is security software like Avast, Kaspersky, BitDefender and ESET that intercept secure connection certificates and send their own.
Thanks for the links Fred, I'm working through them one at a time & so far haven't found the culprit. As for software such as Avast & BitDefender, my main test machine is a fresh AWS workspaces machine running Win2016 with nothing loaded except FF and all the latest Windows updates. The fact that I'm not getting a specific error code isn't helping anything -Patrick
Maybe check SiteSecurityServiceState.txt in the Firefox profile folder for references to this domain.
You can remove all data stored in Firefox for a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History -> Show All History" or "View -> Sidebar -> History").
Using "Forget About This Site" will remove all data stored in Firefox for this domain like history and cookies and passwords and exceptions and cache, so be cautious. If you have a password or other data for that domain that you do not want to lose then make sure to backup this data or make a note.
You can't recover from this 'forget' unless you have a backup of involved files.
If you revisit a 'forgotten' website then data for that website will be saved once again.
I was also able to determine that by watching the logs while testing, Okta thinks the login was successful.
I've read through and tried all of Fred's suggestions with no success. I had also read the article cor-el referenced and had previously tried forgetting just the one domain as well as all domains with no luck. I've been combing the web developer items looking for errors or something that stands out but nothing as of yet. Thanks