Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Natao arisiva ity resaka mitohy ity. Mametraha fanontaniana azafady raha mila fanampiana.

Firefox-only connection problems with some SSL sites network-wide

  • 3 valiny
  • 11 manana an'ity olana ity
  • 8 views
  • Valiny farany nomen'i gohanman

more options

I recently starting experiencing problems with sites not loading in Firefox with the error "Connection was interrupted". I've consistently seen this problem trying to load accounts.google.com. The problem exists in both versions 3.6.26 (OS X 10.4 latest available) and 10.0.1 (Windows XP/7/server2k3). In every single case, other browsers on the same system (Safari, various IE versions) can load the same URLs just fine.

I've already verified no proxy (FF and working browsers, all OSes), disabled ipv6 and preteching in network.dns, disabled all add-ons, deleted existing profiles, cleared cache, and cleared recent history. Existing articles suggest disabling DNS prefetch,

I recently starting experiencing problems with sites not loading in Firefox with the error "Connection was interrupted". I've consistently seen this problem trying to load accounts.google.com. The problem exists in both versions 3.6.26 (OS X 10.4 latest available) and 10.0.1 (Windows XP/7/server2k3). In every single case, other browsers on the same system (Safari, various IE versions) can load the same URLs just fine. I've already verified no proxy (FF and working browsers, all OSes), disabled ipv6 and preteching in network.dns, disabled all add-ons, deleted existing profiles, cleared cache, and cleared recent history. Existing articles suggest disabling DNS prefetch,

All Replies (3)

more options

Follow up: if I pass connections through a Fiddler proxy Firefox (10.0.1, connection fails) issues repeated ocsp requests to ocsp.thawte.com. These requests all get an HTTP 502 back. IE (8, connection works) does not issue a similar request.

more options

Do you have a specific OCSP server set or aborting when validation fails?

Check the OCSP settings:

  • Firefox > Preferences > Advanced > Encryption: Certificates: Validation
  • [ ] "When an OCSP server connection fails, treat the certificate as invalid"

See also:

more options

Nope. Settings are default as far as I can tell. Validate a certificate if it specifies an OCSP server is selected, connection-fails-invalid is not checked.

I resolved the issue after talking to my ISP - there was a DNS caching issue and I was getting an invalid IP for ocsp.thawte.com - but the behavior seems buggy. The OCSP server connection WAS failing (with a timeout) and per Fiddler FF just keeps issuing repeat OCSP requests before eventually giving up with the interrupted connection error. The "When an OCSP server connection fails" option doesn't seem to do what it says in this case; prior to getting the DNS issue fixed the only solution was to disable OCSP completely.

Perhaps the problem is that the OCSP connection timed out rather than being refused or unresolvable, but recognizing multiple timeouts as a connection failure might be more user-friendly.