Jump to content Jump to content

Cannot login to forums in Firefox: Secure Connection Failed


Recommended Posts

I cannot currently log-in (sign-in) to Codemasters forums using Firefox browser: once I click the "Sign In" link at the top of forums' page, Firefox shows me the "Secure Connection Failed" page and suggests to report this error to Firefox developers. So I'm forced to use another browser to use Codies' forums for now.

Link to post
Share on other sites
MTonly said:

I cannot currently log-in (sign-in) to Codemasters forums using Firefox browser: once I click the "Sign In" link at the top of forums' page, Firefox shows me the "Secure Connection Failed" page and suggests to report this error to Firefox developers. So I'm forced to use another browser to use Codies' forums for now.

Sorry to hear that, we've not changed anything so no idea how that has happened. Can you access accounts.codemasters.com ok?
Link to post
Share on other sites
Sorry to hear that, we've not changed anything so no idea how that has happened. Can you access accounts.codemasters.com ok?

@justbiglee: accounts.codemasters.com (FWIW, http url is redirected to https one anyway) is exactly the problematic domain that a user is redirected to when trying to sign-in. It shows the "Secure Connection Failed" error including cases when the root of the domain is loaded directly (i.e. not just via sign-in link).

Looks like the issue takes place in Firefox 37+ while older Firefox 36 works fine.

Firefox 37 is currently in beta and will be released on March 31, 2015. The new version contains several changes as for dealing with secure connections (and the Codies forums' issue is probably related to one of them), namely:

  • Disabled insecure TLS version fallback for site security.
  • Extended SSL error reporting for reporting non-certificate errors.
  • TLS False Start optimization now requires a cipher suite using AEAD construction.

So it's just 11 days until this issue affects many regular users of Firefox. It's probably up to Codemasters' web-developers to take measures to fix the issue. Thanks.

Link to post
Share on other sites
MTonly said:
Sorry to hear that, we've not changed anything so no idea how that has happened. Can you access accounts.codemasters.com ok?

@justbiglee: accounts.codemasters.com (FWIW, http url is redirected to https one anyway) is exactly the problematic domain that a user is redirected to when trying to sign-in. It shows the "Secure Connection Failed" error including cases when the root of the domain is loaded directly (i.e. not just via sign-in link).

Looks like the issue takes place in Firefox 37+ while older Firefox 36 works fine.

Firefox 37 is currently in beta and will be released on March 31, 2015. The new version contains several changes as for dealing with secure connections (and the Codies forums' issue is probably related to one of them), namely:

  • Disabled insecure TLS version fallback for site security.
  • Extended SSL error reporting for reporting non-certificate errors.
  • TLS False Start optimization now requires a cipher suite using AEAD construction.

So it's just 11 days until this issue affects many regular users of Firefox. It's probably up to Codemasters' web-developers to take measures to fix the issue. Thanks.

I'll pass it on to them - thank you :)
Link to post
Share on other sites
  • 2 weeks later...
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ is this the reason?
i can post in this forum, but if i want to check my https://racenet.codemasters.com/  (racenet page) i get the TLS error

Link to post
Share on other sites
  • 2 weeks later...
Is anybody going to take care of this problem? It is April 20th and still not able to login using Firefox. Following Firefox explanation says Racenet web admin is responsible to update his TLS certificate. Now, Why I can have access if I use Cyberfox (64bit) browser?
Link to post
Share on other sites
  • 2 weeks later...

Nothing doing, other than use another browser for now.

Codies, give your webmasters a kick up the backside and get this fixed! Firefox 37.0.2 and not able to log on:

Secure Connection Failed

The connection to accounts.codemasters.com was interrupted while the page was loading.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.



Please...

Link to post
Share on other sites
  • 3 weeks later...
I found out what the problem is, and Codemasters.com webmaster is responsible of this. The page is using and old TLS 1.0 cryptographic protocol when it should be TLS 3.
Firefox is set up to use TLS 3, that's why you get the Connection Failed error. One walk around is to type "about:config" in your Firefox address bar. When asked if are you're sure to proceed click "I'll be carefull.." button. On the Search box type "tls". From the resulting list double-click "security.tls.version.fallback-limit" the value you have should be "3". Change the value to "1". Restart Firefox and you should be able to load the page normally.
I recommend to change the value back to "3" when you finish using Codemasters site because TLS 1.0 has secure vulnerabilities and you don't want to be browsing the web with this setting.

Link to post
Share on other sites
  • 2 weeks later...
@justbiglee,
I've been having a slightly different issue accessing both the forum and 'racenet' websites since Oct/Nov 2014. Basically, I used to get an error as shown in the first attached image. I accidentally found out recently, it was my security software blocking access to the sites. As you can see in the second image, I have to uncheck "scan ssl" option to get the sites working. In other words, every time I refresh the racenet page or access a different page on the site, the SSL option needs to stay unchecked. If not I get the same error.

I did contact your customer service and also my security software support at the time to no avail. I do not have this issue with any other websites.

I've also noticed this warning about "obsolete cryptography" on the connection information tab (third image), although it appears on most other sites too. Not sure if this is related to the above SSL issue.

Hope you can look in to it :)

http://imgur.com/QHBhxlL,A2oYQge,4iIwWu4

Link to post
Share on other sites
@NellyFurtado Not sure if you were replying to me. Clearing cookies has nothing to do with my issue. It's clearly a website issue (something to do with the soon-to-be obsolete SSL). Also, the site uses TLS 1.0 as already mentioned.

And, whatever Maneater happens to be. :p
Link to post
Share on other sites
Any news for the Firefox users? Are you still working on your trouble, Codemasters?

On FF website:
Firefox recently removed support for some outdated, insecure versions of TLS. You should contact the owners of the website to ask them to upgrade to a newer version. Other browsers also plan to remove support for these versions in the future as well.
Other browsers also plan to remove support  - soon  no one will able to connect to your Racenet.com
Hurry up!
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...