summaryrefslogtreecommitdiffstats
path: root/toolkit/content/neterror/supportpages
diff options
context:
space:
mode:
Diffstat (limited to 'toolkit/content/neterror/supportpages')
-rw-r--r--toolkit/content/neterror/supportpages/connection-not-secure.html205
-rw-r--r--toolkit/content/neterror/supportpages/time-errors.html259
2 files changed, 464 insertions, 0 deletions
diff --git a/toolkit/content/neterror/supportpages/connection-not-secure.html b/toolkit/content/neterror/supportpages/connection-not-secure.html
new file mode 100644
index 0000000000..1df8b7501f
--- /dev/null
+++ b/toolkit/content/neterror/supportpages/connection-not-secure.html
@@ -0,0 +1,205 @@
+<!DOCTYPE html>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<html>
+ <head>
+ <meta
+ http-equiv="Content-Security-Policy"
+ content="connect-src https:; default-src chrome:; object-src 'none'"
+ />
+ <meta name="referrer" content="no-referrer" />
+ <meta charset="UTF-8" />
+ <link
+ rel="stylesheet"
+ type="text/css"
+ href="chrome://global/skin/offlineSupportPages.css"
+ />
+ <link
+ rel="icon"
+ type="image/png"
+ id="favicon"
+ href="chrome://branding/content/icon32.png"
+ />
+ <title>Secure connection failed and Firefox did not connect</title>
+ </head>
+ <body>
+ <div id="offlineSupportContainer">
+ <h1>Secure connection failed and Firefox did not connect</h1>
+ <p>
+ This article explains why you may see a
+ <em>Secure Connection Failed</em> or a
+ <em>Did Not Connect: Potential Security Issue</em> error page and what
+ you can do.
+ </p>
+ <div id="toc">
+ <h2>Table of Contents</h2>
+ <ul>
+ <li class="toclevel-1">
+ <a href="#w_secure-connection-cannot-be-established"
+ ><span class="tocnumber">1</span>
+ <span class="toctext"
+ >Secure connection cannot be established</span
+ ></a
+ >
+ <ul>
+ <li class="toclevel-2">
+ <a href="#w_secure-connection-failed"
+ ><span class="tocnumber">1.1</span>
+ <span class="toctext">Secure Connection Failed</span></a
+ >
+ </li>
+ <li class="toclevel-2">
+ <a href="#w_did-not-connect-potential-security-issue">
+ <span class="tocnumber">1.2</span>
+ <span class="toctext"
+ >Did Not Connect: Potential Security Issue</span
+ ></a
+ >
+ </li>
+ </ul>
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_website-issues"
+ ><span class="tocnumber">2</span>
+ <span class="toctext">Website issues</span></a
+ >
+ <ul>
+ <li class="toclevel-2">
+ <a href="#w_tls-version-unsupported"
+ ><span class="tocnumber">2.1</span>
+ <span class="toctext">TLS version unsupported</span></a
+ >
+ </li>
+ <li class="toclevel-2">
+ <a href="#w_hsts-required"
+ ><span class="tocnumber">2.2</span>
+ <span class="toctext">HSTS required</span></a
+ >
+ </li>
+ </ul>
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_security-software-conflict"
+ ><span class="tocnumber">3</span>
+ <span class="toctext">Security software conflict</span></a
+ >
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_incorrect-system-clock"
+ ><span class="tocnumber">4</span>
+ <span class="toctext">Incorrect system clock</span></a
+ >
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_other-secure-connection-issues"
+ ><span class="tocnumber">5</span>
+ <span class="toctext">Other secure connection issues</span></a
+ >
+ </li>
+ </ul>
+ </div>
+ <h1 id="w_secure-connection-cannot-be-established">
+ Secure connection cannot be established
+ </h1>
+ <p>
+ When a website that requires a secure (<strong>https</strong>)
+ connection tries to secure communication with your computer, Firefox
+ cross-checks this attempt to make sure that the website certificate and
+ the connection method are actually secure. If Firefox cannot establish a
+ secure connection, it will display an error page.
+ </p>
+ <h2 id="w_secure-connection-failed">Secure Connection Failed</h2>
+ <p>
+ A <em>Secure Connection Failed</em> error page will include a
+ description of the error, an option to report the error to Mozilla and a
+ <span class="button">Try Again</span> button. There is no option to add
+ a security exception to bypass this type of error.
+ </p>
+ <p></p>
+ <p>The error page will also include the following information:</p>
+ <ul>
+ <li>
+ <em
+ >The page you are trying to view cannot be shown because the
+ authenticity of the received data could not be verified.</em
+ >
+ </li>
+ <li>
+ <em
+ >Please contact the website owners to inform them of this
+ problem.</em
+ >
+ </li>
+ </ul>
+ <h2 id="w_did-not-connect-potential-security-issue">
+ Did Not Connect: Potential Security Issue
+ </h2>
+ <p>
+ Certain secure connection failures will result in a
+ <em>Did Not Connect: Potential Security Issue</em> error page.
+ </p>
+ <p></p>
+ <p>
+ The error page will include a description of the potential security
+ threat, an option to report the error to Mozilla and an
+ <span class="button">Advanced…</span> button to view the error code and
+ other technical details. There is no option to add a security exception
+ to visit the website.
+ </p>
+ <h1 id="w_website-issues">Website issues</h1>
+ <h2 id="w_tls-version-unsupported">TLS version unsupported</h2>
+ <p>
+ Some websites try using outdated (no longer secure) Transport Layer
+ Security(<em>TLS</em>) mechanisms in an attempt to secure your
+ connection. Firefox protects you by preventing navigation to such sites
+ if there is a problem in securely establishing a connection. Contact the
+ owners of the website and ask them to update their TLS version to a
+ version that is still current and still secure.
+ </p>
+ <p>
+ Starting in Firefox version 74, the minimum TLS version allowed by
+ default is TLS 1.2. Websites that don't support TLS version 1.2 or
+ higher will display a <em>Secure Connection Failed</em> error page with
+ Error code: SSL_ERROR_UNSUPPORTED_VERSION and a message that
+ <em
+ >This website might not support the TLS 1.2 protocol, which is the
+ minimum version supported by Firefox.</em
+ >
+ The error page may also include a button,
+ <span class="button">Enable TLS 1.0 and 1.1</span> that will allow you
+ to override the minimum TLS requirement; however, Mozilla plans to
+ remove this option and permanently disable TLS 1.0 and 1.1 in a future
+ version of Firefox.
+ </p>
+ <h2 id="w_hsts-required">HSTS required</h2>
+ <p>
+ Other websites may require HTTP Strict Transport Security (HSTS) and
+ will not allow access with an insecure connection.
+ </p>
+ <h1 id="w_security-software-conflict">Security software conflict</h1>
+ <p>
+ Many security products use a feature that intercepts secure connections
+ by default. This can produce connection errors or warnings on secure
+ websites. If you see secure connection errors on multiple secure
+ websites, updating your security product or modifying its settings may
+ resolve the issue.
+ </p>
+ <p>
+ <span class="for" data-for="win8,win10">
+ Alternatively, you can uninstall third-party security software and use
+ Windows Defender, the built-in antivirus on Windows 8 and Windows 10.
+ </span>
+ </p>
+ <p></p>
+ <h1 id="w_incorrect-system-clock">Incorrect system clock</h1>
+ <p>
+ Firefox uses certificates on secure websites to ensure that your
+ information is being sent to the intended recipient and can't be read by
+ eavesdroppers. An incorrect system date can cause Firefox to detect that
+ the website's security certificate is expired or invalid. Make sure your
+ computer is set to the correct date, time and time zone.
+ </p>
+ </div>
+ </body>
+</html>
diff --git a/toolkit/content/neterror/supportpages/time-errors.html b/toolkit/content/neterror/supportpages/time-errors.html
new file mode 100644
index 0000000000..6fcde4c3ca
--- /dev/null
+++ b/toolkit/content/neterror/supportpages/time-errors.html
@@ -0,0 +1,259 @@
+<!DOCTYPE html>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<html>
+ <head>
+ <meta
+ http-equiv="Content-Security-Policy"
+ content="connect-src https:; default-src chrome:; object-src 'none'"
+ />
+ <meta name="referrer" content="no-referrer" />
+ <meta charset="UTF-8" />
+ <link
+ rel="stylesheet"
+ type="text/css"
+ href="chrome://global/skin/offlineSupportPages.css"
+ />
+ <link
+ rel="icon"
+ type="image/png"
+ id="favicon"
+ href="chrome://branding/content/icon32.png"
+ />
+ <title>How to troubleshoot time related errors on secure websites</title>
+ </head>
+ <body>
+ <div id="offlineSupportContainer">
+ <h1>How to troubleshoot time related errors on secure websites</h1>
+ <p>
+ Certificates for secure websites (the address begins with
+ <strong>https://</strong>) are valid only for a certain period of time.
+ If a website presents a certificate with validity dates that don't match
+ the date on your computer's clock, Firefox can't verify that it is
+ secure and will show you an error page.
+ </p>
+ <p>
+ Such issues can often be fixed by setting the correct date, time and
+ time zone on your computer system. If this does not solve the problem,
+ it could be caused by other issues, such as a misconfigured web server
+ or an expired certificate.
+ </p>
+ <div id="toc">
+ <h2>Table of Contents</h2>
+ <ul>
+ <li class="toclevel-1">
+ <a href="#w_list-of-time-related-error-codes-you-may-encounter">
+ <span class="tocnumber">1</span>
+ <span class="toctext"
+ >List of time-related error codes you may encounter</span
+ >
+ </a>
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_set-your-system-clock-to-the-correct-time">
+ <span class="tocnumber">2</span>
+ <span class="toctext"
+ >Set your system clock to the correct time</span
+ >
+ </a>
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_contact-the-website-owner">
+ <span class="tocnumber">3</span>
+ <span class="toctext">Contact the website owner</span>
+ </a>
+ </li>
+ <li class="toclevel-1">
+ <a href="#w_bypass-the-warning">
+ <span class="tocnumber">4</span>
+ <span class="toctext">Bypass the warning</span>
+ </a>
+ </li>
+ </ul>
+ </div>
+ <h1 id="w_list-of-time-related-error-codes-you-may-encounter">
+ List of time-related error codes you may encounter
+ </h1>
+ <div class="for" data-for="fx66">
+ <div class="note">
+ <strong>Note:</strong> A <em>Your Computer Clock is Wrong</em> error
+ page almost certainly means that your computer's clock is set to the
+ wrong date. Some time-related errors will show a
+ <em>Warning: Potential Security Risk Ahead</em> error page. For other
+ time-related errors, you'll get a <em>Secure Connection Failed</em> or
+ <em>Did Not Connect: Potential Security Issue</em> error page.
+ </div>
+ <p>
+ <span class="for" data-for="=fx66"></span>
+ <span class="for" data-for="fx67"></span>
+ </p>
+ <p>
+ Click
+ <span class="for" data-for="not fx67">
+ <span class="button">More Information</span> or
+ <span class="button">Advanced…</span>, depending on the error page,
+ </span>
+ <span class="for" data-for="fx67">
+ <span class="button">Advanced…</span> on the error page</span
+ >
+ to view the error code. One of the following error codes will indicate
+ that the secure connection couldn't be established due to a
+ time-related error:
+ </p>
+ </div>
+ <div class="for" data-for="not fx66">
+ <div class="note">
+ <strong>Note:</strong> If you get a
+ <em>Your connection is not secure</em> error page, click the
+ <span class="button">Advanced</span> button to view the error code and
+ other details. A <em>Secure Connection Failed</em> error page may also
+ indicate a time-related error.
+ </div>
+ <p>
+ One of the following error codes will indicate that the secure
+ connection couldn't be established due to a time-related error:
+ </p>
+ </div>
+ <p>
+ <sub>SEC_ERROR_EXPIRED_CERTIFICATE</sub><br />
+ <sub>SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE</sub><br />
+ <sub>SEC_ERROR_OCSP_FUTURE_RESPONSE</sub><br />
+ <sub>SEC_ERROR_OCSP_OLD_RESPONSE</sub><br />
+ <sub>MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE</sub><br />
+ <sub>MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE</sub>
+ </p>
+ <p>
+ The text on the error page will warn you when Firefox detects that your
+ system date and time is probably wrong and will also show the date and
+ time currently set in your system. If the clock settings are incorrect
+ you should set it to the right time<span class="for" data-for="win,mac">
+ as explained below</span
+ >. Even if the displayed time settings seem to be correct, you should
+ make sure that the time zone settings of your system match your current
+ location.
+ </p>
+ <h1 id="w_set-your-system-clock-to-the-correct-time">
+ Set your system clock to the correct time
+ </h1>
+ <p>
+ Time-related errors on secure websites caused by a skewed system clock
+ can be resolved by setting your correct date, time and time zone<span
+ class="for"
+ data-for="mac"
+ >:</span
+ ><span class="for" data-for="win,linux">.</span>
+ <span class="for" data-for="win">
+ Change your date and time settings from the clock on the Windows
+ taskbar or follow these instructions:</span
+ >
+ </p>
+ <div class="for" data-for="win10">
+ <h2>If you are on Windows 10:</h2>
+ <ol>
+ <li>
+ Click the Windows Start button or press the Windows key<span
+ class="key"
+ ></span
+ >.
+ </li>
+ <li>In the Start menu, select<span class="menu">Settings</span>.</li>
+ <li>
+ In Settings, select<span class="menu">Time &amp; language</span>.
+ </li>
+ <li>
+ In the<span class="menu">Date &amp; time</span> section you can
+ review the current date and time settings. To change your settings
+ click on <span class="button">Change</span> below
+ <span class="menu">Change date and time</span> or expand the
+ <span class="menu">Time zone</span> dropdown menu.
+ <div class="note">
+ If your system is set to manage the time and time zone
+ automatically, you cannot make manual changes.
+ </div>
+ </li>
+ <li>If you are done with your changes, close the Settings window.</li>
+ </ol>
+ </div>
+ <div class="for" data-for="mac">
+ <h2>If you are on Mac OS:</h2>
+ <ol>
+ <li>
+ Click the Apple menu and select
+ <span class="menu">System Preferences</span>.
+ </li>
+ <li>
+ In the System Preferences window, click on
+ <strong>Date &amp; Time</strong>.
+ </li>
+ <li>
+ The panel that opens shows the current date and time settings. In
+ order to adjust them, disable
+ <span class="pref">Set date and time automatically</span>, manually
+ enter the date and time and click
+ <span class="button">Save</span> to confirm your changes.
+ </li>
+ <li>
+ In order to review your time zone settings, click on the
+ <strong>Time Zone</strong> tab. In order to adjust your time zone,
+ disable
+ <span class="pref"
+ >Set time zone automatically using current location</span
+ >, click onto your approximate location in the map and select the
+ city closest to you in the dropdown panel.
+ </li>
+ <li>
+ If you are done with your changes, close the Date &amp; Time window.
+ </li>
+ </ol>
+ </div>
+ <div class="note">
+ <strong>Note:</strong> If the clock on your device constantly resets
+ after you power it off, this might indicate that the battery cell that
+ runs the real-time clock is getting low or is empty. Please consult your
+ manufacturer's manual on how to replace the CMOS battery.
+ </div>
+ <h1 id="w_contact-the-website-owner">Contact the website owner</h1>
+ <p>
+ If you get a time related error on a secure website and you have already
+ checked the correct settings of your system’s clock, please contact the
+ owner of the website which you can’t access and inform them of the
+ problem. The website owner might need to renew the expired certificate,
+ for example.
+ </p>
+ <div class="for" data-for="not fx66">
+ <h1 id="w_bypass-the-warning">Bypass the warning</h1>
+ <div class="warning">
+ <strong>Warning:</strong> You should never bypass the warning for a
+ legitimate major website or sites where financial transactions take
+ place – in this case an invalid certificate can indicate that your
+ connection is compromised by a third party.
+ </div>
+ <p>
+ If you see a <em>Your connection is not secure</em> warning page and
+ the website allows it, you can add an exception to be able to visit
+ the site, despite the fact that the certificate is not trusted by
+ default:
+ </p>
+ <ol>
+ <li>
+ On the warning page, click <span class="button">Advanced</span>.
+ </li>
+ <li>
+ Click <span class="button">Add Exception…</span>. The
+ <em>Add Security Exception</em> dialog will appear.
+ </li>
+ <li>
+ Read the text describing the problems with the website. You can
+ click <span class="button">View…</span>
+ to closer inspect the untrusted certificate.
+ </li>
+ <li>
+ Click <span class="button">Confirm Security Exception</span> if you
+ are sure you want to trust the site.
+ </li>
+ </ol>
+ </div>
+ </div>
+ </body>
+</html>