Your connection is not secure

The website tried to negotiate an inadequate level of security.
WEBSITE.TLD uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal
information which you thought to be safe. The website administrator will need to fix the server first before you
can visit the site.

Error code: NS_ERROR_NET_INADEQUATE_SECURITY

I’ve come across this error a few times, but most recently I when using Firefox Developer Edition v64.0b9 (64-bit) to test a newly created website.

You may find it interesting to know this isn’t really a Firefox issue. It’s an issue with the HTTPS/2 protocol and the ciphers currently present on the web server, hosting the offending website.

I have read where this issue has also surfaced for users of Google’s Chrome and Mozilla’s Firefox (the standard edition).

The Solution

To fix this error, one needs to log in to the server of the offending website and run the following command:

USER@SYSTEM:~$ sudo apt-get update

…to get the most recent package lists from the repositories.

Then run the following command:

USER@SYSTEM:~$ sudo apt-get install --only-upgrade libnss3

…to attempt to upgrade libnss3 to the most recent version.

Then run the following command:

USER@SYSTEM:~$ sudo apt-get install libnss3-dev

…to install the libnss3 Developer Files.

Then run the following command:

USER@SYSTEM:~$ sudo nginx -t && sudo service nginx restart

…and the result should be no more NS_ERROR_NET_INADEQUATE_SECURITY error!

The Credit

Some of the information found on this post came from this Debian.org bug report.

LetsEncrypt advises a cipher suite configuration likely needs modified, in this LetsEncrypt Community article and points readers to the Mozilla SSL Configuration Generator

.