При открытии некоторых сайтов в Mozilla Firefox доступ к их содержимому может быть заблокирован ошибкой SSL_Error_Bad_Mac_Alert. Во многих случаях проблема возникает по причине того, что не выполняется проверка SSL.
Неправильная дата и время также могут привести к аннулированию сертификата безопасности, что в конечном итоге заставит браузер прервать соединение. Поэтому перед применением решений проверьте, правильно ли они установлены. Щелкните на часы в области уведомлений и выберите настройку даты и времени. Переместите переключатели автоматической установки времени и часового пояса в положение «Включено».
Добавление сайта в список незащищенных резервных хостов
Если сталкиваетесь с ошибкой SSL_Error_Bad_Mac_Alert при посещении сайта, уровень защиты на котором не вызывает у вас сомнений, то можете добавить его в список небезопасных резервных хостов. Таким образом, он будет исключен из проверки SSL, которая вызывала ошибку.
Имейте в виду, что это решение применимо только для защищенных сайтов https (c сертификатом ssl), которому полностью доверяете. Избегайте добавления сомнительных сайтов в список небезопасных хостов.
Если осознаете риски для безопасности, следуйте инструкции.
В адресной строке браузера Firefox наберите «about:config» и нажмите на Enter для входа в меню расширенных настроек.
При отображении окна «Продолжайте с осторожностью» кликните на кнопку «Принять рис и продолжить».
В навигационную строку вставьте «security.tls.insecure_fallback_hosts». При отображении искомого параметра нажмите на значок редактирования. В текстовом поле введите URL-адрес и нажмите на Enter.
После перезапуска Firefox попробуйте открыть страницу, доступ к которой был заблокирован ошибкой SSL_Error_Bad_Mac_Alert.
Перезагрузка роутера
Ошибка с доступом на отдельные ресурсы может произойти из-за несогласования сети. Возможно, что ее текущее состояние зависло в неопределенном состоянии, при котором блокируется возможность взаимодействия компьютера с внешними серверами через браузер.
Поэтому если сталкиваетесь с ошибкой SSL_Error_Bad_Mac_Alert, попробуйте перезапустить роутер. Отключите устройство, затем подождите 30 секунд прежде чем включить его обратно. После установки подключения проверьте, решена ли проблема.
Активация параметра Security.SSL3
Если столкнулись с сообщением SSL_Error_Bad_Mac_Alert после обновления Firefox, то, скорее всего, в расширенных настройках был отключен параметр Security.SSL3. Для его включения выполните следующие шаги:
В адресной строке наберите «about:config» и нажмите на Enter для входа в расширенные настройки. При отображении предупреждения кликните на кнопку «Принять риск и продолжить».
В строке поиска наберите Security.SSL3.
При отображении результатов прокрутите вниз и найдите параметр «Security.SSL3». Установите значение «true», и перезагрузите браузер Firefox.
Перейдите на страницу, на которой сталкивались с кодом ошибки SSL_Error_Bad_Mac_Alert и посмотрите, решена ли проблема.
Перейти к содержимому
Заметил как-то при открытии в браузере веб-интерфейса iLO следующую ошибку:
Ошибка при установлении защищённого соединения
При соединении с 172.16.1.2 произошла ошибка. SSL-узел сообщил о некорректном коде аутентификации сообщения. Код ошибки: SSL_ERROR_BAD_MAC_ALERT
Страница, которую вы пытаетесь просмотреть, не может быть отображена, так как достоверность полученных данных не может быть проверена.
Пожалуйста, свяжитесь с владельцами веб-сайта и проинформируйте их об этой проблеме.
Временным решением данной ошибки может быть снятие галочки напротив «Использовать TLS 1.2» в Панель управления\Сеть и Интернет\Свойства браузера — вкладка «Дополнительно«.
После этого страница должна открываться в браузере Internet Explorer или Edge.
Вторым оптимальным решением данной проблемы есть обновление версии прошивки iLO.
Смотрите по этому поводу мою статью — Обновление прошивки iLO 3 на HP серверах
Few things are more annoying than running into error messages when you’re just trying to access online content. This is especially true if you’re dealing with a less common issue such as ERR_SSL_BAD_RECORD_MAC_ALERT.
Fortunately, this error message is caused by client-side issues, so you should be able to fix everything on your end. Plus, all of the troubleshooting methods are relatively quick and easy to implement.
In today’s guide, we’ll explore the common causes of the ERR_SSL_BAD_RECORD_MAC_ALERT error. Then, we’ll show you six ways to troubleshoot and fix it. Let’s jump in!
What Is the ERR_SSL_BAD_RECORD_MAC_ALERT Error?
When you first see the ERR_SSL_BAD_RECORD_MAC_ALERT error, it’s not surprising that you might think it’s related to the Secure Sockets Layer (SSL) protocol. Many error messages that contain “SSL” signify an issue with a website’s SSL certificate that must be resolved by reissuing and reinstalling it.
However, ERR_SSL_BAD_RECORD_MAC_ALERT is actually a client-side error that signals a problem with your device. Although you may see ERR_SSL_BAD_RECORD_MAC_ALERT on Android or iOS devices, most users will encounter it on laptops or desktop computers:
It’s typically seen in the Google Chrome browser, which is the most popular browser worldwide. You’re also more likely to see it when accessing a network via WiFi instead of an ethernet cable.
That being said, ERR_SSL_BAD_RECORD_MAC_ALERT is a pretty rare Chrome error. In the next section, we’ll explain the limited reasons why you might be seeing this error message.
Frustrated by the ERR_SSL_BAD_RECORD_MAC_ALERT error when accessing online content? Fix it fast with this guide! 🚀Click to Tweet
What Are the Causes of the ERR_SSL_BAD_RECORD_MAC_ALERT Error?
This Chrome error message is often linked to using WiFi optimizer hardware or software such as an Intel Killer network card. Killer products can boost performance, particularly on Alienware and other gaming computers. They do this by reducing latency and speeding up the gaming experience.
However, some network cards and adapters, notably the Killer(R) Wireless-AC 1550i Wireless Network Adapter (9560NGW), can trigger ERR_SSL_BAD_RECORD_MAC_ALERT. That’s because some of the settings within the Killer Control Center can interfere with your internet connection to some websites.
Additionally, this Chrome error message can signify transmission issues with your router. The router may have a low Maximum Transmission Unit (MTU), preventing it from transporting enough data to connect with some sites.
ERR_SSL_BAD_RECORD_MAC_ALERT can also be linked to an outdated Operating System (OS) version. This error message is most commonly seen on Windows computers, and some older versions of the Windows software can conflict with other settings on your device.
As you can probably see, all of these leading causes point to issues with your device’s configuration or external hardware. Fortunately, that makes it relatively easy to resolve the error message because there are only a few potential culprits.
How To Fix the ERR_SSL_BAD_RECORD_MAC_ALERT Error (6 Methods)
Before jumping into this tutorial, we recommend following a few general troubleshooting steps. Corrupted cached data is often behind many Google Chrome errors, so it’s worth taking a moment to clear your browser cache.
Similarly, Chrome extensions can sometimes trigger error messages within the browser. You can check out our guide on how to remove Chrome extensions to see if one of them is the culprit.
If neither of these basic troubleshooting steps resolves the ERR_SSL_BAD_RECORD_MAC_ALERT error, it’s time to jump into our tutorial on how to fix it!
1. Plug In an Ethernet Cable
Attaching an ethernet cable to your computer isn’t a permanent solution, and it may not be possible if you’re using a public network. However, it can be handy if a single webpage triggers the error message, and you just need its information quickly.
Additionally, this troubleshooting method will also indicate the underlying causes of ERR_SSL_BAD_RECORD_MAC_ALERT. If plugging in an ethernet cable removes the error message, you can be confident that there are underlying issues with your wireless network settings. If it doesn’t, then it’s time to move on to the other steps in our tutorial.
2. Update Your Operating System
Occasionally, outdated software can trigger browser errors and other problems on your device. In the case of ERR_SSL_BAD_RECORD_MAC_ALERT, you may be dealing with an outdated OS version.
Fortunately, it’s pretty easy to update your OS, and it shouldn’t take more than a few minutes. Plus, updating the software will likely come with bug fixes and general performance enhancements for your computer.
If you use Windows, head to Settings > Windows Update and click on Check for updates. You may already see a new software version available, so just hit Download & install:
Then, simply follow the prompts to download and install the software. Your computer will also probably need to restart during this process.
If you use macOS, you can find new updates by clicking on the apple icon and navigating to System Preferences > Software Update. If there is software available here, click on Upgrade Now and follow the prompts to complete the installation:
If there are no updates available, then macOS is up-to-date. In that case, continue on to the next troubleshooting method.
3. Disable HTTPS Inspection in Your Antivirus Software
Antivirus software is essential to preventing malware on your device and protecting your online activities. Many programs also include a firewall that works against hackers and other malicious actors.
However, some antivirus software settings can also trigger erroneous errors. In this case, “HTTPS inspection” or similar functions can cause the ERR_SSL_BAD_RECORD_MAC_ALERT error.
The exact name of this setting and how to disable it will depend on which antivirus software you have active on your computer.
For example, if you use Avast, you’ll need to launch the program and head to Menu > Settings > Protection > Core Shields:
Next, scroll down to Configure shield settings and open the Web Shield tab. Finally, uncheck the box next to Enable HTTPS scanning and save your changes:
If you’re using different antivirus software, we recommend consulting its official documentation for guidance on how to turn off “HTTPS inspection.”
4. Update or Disable Your Killer Network Card or Network Adapter
As we mentioned earlier in this post, you may be using a Killer network card to boost your gaming computer’s performance. Network adapters from the same brand can also help your desktop device connect to a WiFi network.
However, these cards and network adapters can sometimes trigger the ERR_SSL_BAD_RECORD_MAC_ALERT error. This is especially true if you’re using the Killer(R) Wireless-AC 1550i Wireless Network Adapter (9560NGW) because multiple users have reported issues with this hardware.
The first step is updating the software for your Killer network card and/or network adapter. In many cases, this should clear the error message. However, if this doesn’t work, you may need to disable the hardware.
Disabling your network adapter can be problematic because you’ll need a new way to connect to the wireless network. That’s why we recommend trying the other troubleshooting methods first.
5. Turn Off Advanced Stream Detect in the Killer Control Center
When you use some Intel Killer products with your computer, you can access the Killer Control Center (now known as the Killer Intelligence Center since 2021). This software enables you to control your wireless network setup, including access points and network usage.
This control center also has a setting called Killer Prioritization Engine (formerly known as Advanced Stream Detect). This setting automatically controls network traffic to ensure you’ll have the fastest and most stable connection.
However, Advanced Stream Detect is also a known cause of ERR_SSL_BAD_RECORD_MAC_ALERT. Therefore, we recommend disabling it to see if it’s causing the error message.
You can do this by launching Killer on your device and heading to Settings. You should then be able to disable Killer Prioritization Engine by toggling it off. Then, try reloading the webpage showing the ERR_SSL_BAD_RECORD_MAC_ALERT error to see if it’s been resolved.
6. Increase the Maximum Transmission Unit (MTU) of Your Router
Finally, this Chrome error message could indicate an issue with your router’s configuration. In particular, your router may have a low Maximum Transmission Unit (MTU) setting.
MTU determines how much data (in packet form) can be sent through your system at any given time. If this setting is too low, then your computer might be unable to load a “heavy” webpage, thereby triggering an error message.
To increase your router’s MTU, you’ll need to access your internet provider’s settings. To do this, enter “192.168.1.1.” or “192.168.0.1.” into your browser’s search bar and hit the Enter key.
These are the default IP addresses for most routers, but yours may be different. If they do work, you should then be prompted to enter a username and password for your internet provider:
Once logged in, find your WAN settings. Then, look for MTU and change its value to “1400.” Make sure to save your changes. If you don’t have the appropriate information to access these settings, you can always get in touch with your internet provider to get it.
Is It Possible To Avoid This Error With a Reliable Host?
Since ERR_SSL_BAD_RECORD_MAC_ALERT is a client-side error, you won’t be able to avoid it by partnering with a reliable host. However, there are many other benefits to choosing a reliable managed hosting provider like Kinsta:
For starters, many other error messages can point toward issues with your SSL certificate or website configuration. Kinsta can assist you by helping you install a fresh SSL certificate and providing 24/7 multilingual support from our dedicated team.
Additionally, Kinsta is built for speed and security. Our hosting plans use high-end CPUs and data centers across the world to boost your loading times. Plus, we take care of automatic backups, offer hack and malware removal, and provide an uptime guarantee for your peace of mind.
Overall, no company can guarantee that you won’t run into errors on your WordPress site. But by partnering with a top-quality host like Kinsta, you can be sure that you’ll have the tools you’ll need to resolve any issues.
Don’t let the ERR_SSL_BAD_RECORD_MAC_ALERT error slow you down! Learn the easy fixes here and get back to browsing. 🌐Click to Tweet
Summary
While there are plenty of common Google Chrome errors, you may be scratching your head if you see an unusual message like “ERR_SSL_BAD_RECORD_MAC_ALERT”. Despite its name, this error message doesn’t indicate problems with a website’s SSL certificate. Instead, there are likely network configuration issues on your computer.
To troubleshoot this error, we recommend connecting an ethernet cable and updating your OS. If that doesn’t work, it’s time to disable “HTTPS inspection” in your antivirus software and increase the MTU of your router. Finally, if you’re using a Killer network card or adapter, you may need to update it, uninstall it, or disable its Advanced Stream Detect setting.
If you’re sick of running into error messages on your own website, it might be time to change hosting providers. When you partner with a managed WordPress host like Kinsta, you’ll have a support team on hand to help you out with any problems. Check out our plans today!
A couple users at our site intermittently receive a SSL_ERROR_BAD_MAC_ALERT error when navigating to Google in Firefox. This happens in Version 99.0.1 (64-bit) on Windows 10 computers. When the issue occurs, users can navigate to other websites without issues. Navigating to Google in a different browser works no problem. Restarting the browser will resolve the issue. Clearing cookies and site data has no effect. Users can also refresh the page after some time and the issue will go away.
Any idea as to why this is happening?
A couple users at our site intermittently receive a SSL_ERROR_BAD_MAC_ALERT error when navigating to Google in Firefox. This happens in Version 99.0.1 (64-bit) on Windows 10 computers. When the issue occurs, users can navigate to other websites without issues. Navigating to Google in a different browser works no problem. Restarting the browser will resolve the issue. Clearing cookies and site data has no effect. Users can also refresh the page after some time and the issue will go away.
Any idea as to why this is happening?
Attached screenshots
Chosen solution
This could be a problem with the TLS 1.3 Early Data feature also known as Zero Round Trip Time Resumption (0rtt).
You can try to set security.tls.enable_0rtt_data = false on the about:config page to disable this feature until this is fixed by Google or Mozilla to see if that helps.
See also:
- /questions/1376015 Issue with most Google sites on Firefox v100 64bit
Read this answer in context
👍 8
All Replies (13)
Unfortunately, none of the suggestions in those articles resolves the issue.
Did you disable the A/V and try to see what happens.
I’m also having this issue with more and more users… They are all work from home
We tried the following:
Cleared Cache & Cookies Refreshed Firefox Deleted the user's Mozilla Firefox folders from \AppData Re-installation of Firefox Tried to change windows DNS to Cloudflares and Google's Migrated to Firefox regular from DEV Firefox Disabled DNS Prefetching in Firefox Settings Disabled AV for one user Adding Website to a list of Insecure FallBack Hosts Power Cycling PC + Router/Modem
The only solution so far is to migrate the user to Chrome Browser instead
But we would rather avoid that if possible..
Modified by Nestea
I should clarify that I tried all of the solutions except for disabling AV (Sophos), which I cannot do. If you know of a different way to check if the AV software is causing the issue, I would be happy to try it.
The solution outlined here did temporarily resolve the issue:
https://superuser.com/questions/1280239/firefox-secure-connection-failed-ssl-error-bad-mac-alert
However, the issue is occurring today again. Interestingly, reverting that change temporarily resolved the issue again. So it seems that just changing that setting refreshes something to alleviate the issue, but then it will still come back after some time.
krisa15 said
If you know of a different way to check if the AV software is causing the issue . . .
Start your Computer in safe mode with network support.
Then start Firefox.
Try Secure websites. Is the problem still there?
Starting Any Computer In Safe Mode (web link)
Free Online Encyclopedia
https://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10/
+++++++++++++++++++++++++++++++++++++++++++++++
If the problem goes away with the computer in Safe Mode,
the problem is with one of the other programs on the system.
As a test, disable your protection programs.
I can confirm that the issue does not occur is safe mode. I also, ran process monitor and do see Sophos performing operations on Firefox files when the issue is active.
It seems that updating any of the security.tls* parameters in Firefox will temporarily resolve the issue. I tested changing a few other random settings, but that did not resolve the issue. It seems that changing any of the security.tls* parameters clears some sort of cached information that might be corrupt.
Chosen Solution
This could be a problem with the TLS 1.3 Early Data feature also known as Zero Round Trip Time Resumption (0rtt).
You can try to set security.tls.enable_0rtt_data = false on the about:config page to disable this feature until this is fixed by Google or Mozilla to see if that helps.
See also:
- /questions/1376015 Issue with most Google sites on Firefox v100 64bit
The issue has not occurred again since setting security.tls.enable_0rtt_data = false.
Thanks!
Same problem here.
Disabling Sophos Intercept X Essentials (temporarily) solves the problem.
Other browser, Microsoft Edge, no problem at all.
Will try the the about:config suggestion.
I have the same issue on one (and only one) computer and I’ve only found the issue with google.com. A few searches (or a few pages of the one search) and the connection dies and I get the MAC error as per the OP. No other site is affected and flipping to another browser and google then works fine. The computer is win10 20H2 with the commercial version of windows security & with corp firewall & filters between me & the big bad internet. I’d tried numerous options posted elsewhere, but setting «security.tls.enable_0rtt_data» to false immediately fixed the problem without needing to restart FF. In contrast to some of the other comments, restarting FF did not fix the problem for me, the only fix was to wait a good 4-5 hours & suddenly I was able to access google again. Even rebooting the pc was no help.
One possibly relevant pre-existing FF tweak I use is to force google to use google.com and not google.com.au (I get a more useful search results from the former compared to the local version).
The ‘ssl_error_bad_mac_alert‘ error typically occurs in Mozilla Firefox when affected users attempt to visit certain secured websites. In some cases, the error appears when the user attempts to send emails via the IMAP interface to Gmail.
We have analysed several user reports to find potential causes – as it turns out, this issue can occur due to the fact that a certain SSL check is failing, forcing the browser to throw this error and restrict the user from accessing the website. In this case, you can resolve the issue easily by accessing the advanced Firefox Preference menu and adding the website to the list of Insecure FallBack Hosts.
Another potential cause that might lead to this browser behavior is a network connection that ends up blocking communications between your browser and external servers. In this case, you can fix the issue by performing a power-cycling procedure on your router or modem, forcing your network to start fresh.
One scenario that might force your browser to invalidate SSL certificates and throw this error, as a result, is an incorrect system-wide time & date. Several users encountering the same problem have reported that they finally managed to resolve the issue after they accessed the Date and Time settings and updated the values accordingly.
It turns out that certain older machine configurations will need a certain Firefox advanced setting advanced in order to be able to connect to SSL3 web-servers without errors. If this scenario is applicable, you can fix the issue by accessing the Advanced Preferences tab and setting the value of security.ssl3 to True.
1. Adding Website to the list of Insecure FallBack Hosts
If you’re certain that the SSL website where you’re encountering the issue is completely secure, you can prevent the SSL_Error_Bad_Mac_Alert from ever appearing again by accessing the Mozilla Firefox config files and adding the secure SSL to the list of Insecure FallBack Hosts.
This will except the website you trust from the SSL check that was previously causing the issue. A lot of affected users have confirmed that this procedure is what allowed them to get rid of the issue indefinitely.
IMPORTANT: This should only be attempted with an SSL secured website that you completely trust. Do not add questionable websites to the list of Insecure FallBack Hosts.
If you understand the security risks and you’re prepared to add the website to the Firefox list of Insecure FallBack Hosts, follow the instructions here:
- Open up your Mozilla Firefox browser, type ‘about:config‘ in the navigation bar and press Enter to open up the Advanced Preferences menu.
- When you see the Proceed with Caution prompt, click on Accept the Risk and Continue.
- Once you’re inside the Advanced Preferences menu, paste security.tls.insecure_fallback_hosts into the navigation bar and press Enter to find the setting preference.
- When the results show up, click on the Edit icon associated with security.tls.insecure_fallback_hosts entry (right-hand section).
- In the newly appeared text box, simply enter the website URL that you’re encountering the issue with and hit Enter.
- Restart your Mozilla Firefox browser and see if the issue is resolved at the next program startup.
In case you’re still encountering the same security.tls.insecure_fallback_hosts error or you’re looking for an approach that will not expose your system to any security risks, move down to the next potential fix below.
2. Power-Cycling the Router / Modem
As it turns out, this particular issue can also occur due to a network inconsistency. It’s possible that your current network state is stuck in a limbo state. This might block your PC ability to communicate with external web servers through your browser.
If this scenario is applicable, you can most likely fix the issue by performing a power-cycling procedure on your router. This operation should not be confused with a router reset. Opposite from a reset, this will not affect your credentials and any previously established.
To initiate a power-cycling procedure, press the ON / OFF button and leave the network device turned off at least 30 seconds or more. If you want to make sure that the operation is a success, also disconnect the power cable from your power outlet. This will force your network to start fresh at the next router/modem startup.
Note: Do not confuse the power button with the reset button. The reset button will reset every previously established network settings and custom credentials.
If you already did this and you’re still encountering the same issue, move down to the next potential fix below.
3. Setting the Correct time & Date
As it turns out, another reason that might make your Mozilla Firefox throw the security.tls.insecure_fallback_hosts error is an inconsistent date & time. This might invalidate the security certificate, forcing your browser to interrupt the connection.
If this scenario is applicable, you can fix the issue by accessing your Date & time settings and modifying the values to the current values. Several affected users encountering the same issue have confirmed that this operation finally stopped the error message from appearing.
- Open up a Run dialog box by pressing Windows key + R. Next, type ‘timedate.cpl’ and press Enter to open the Date and time windows.
Opening the Date and time window - Once you manage to get inside the Date & Time window, navigate to the Date and Time tab and click on Change date and time.
Setting the correct date & time - Inside the Date and Time window, use the provided calendar to set the appropriate Date and Time values.
Modifying Time & date - Once the modifications have been completed, restart your computer and visit the same website ad the next startup sequence to see if the issue is resolved.
In case you’re still encountering the same ‘ssl_error_bad_mac_alert‘ error, move down to the next potential fix below.
4. Setting Security.SSL3 to TRUE
If you’re encountering the issue with an old machine that is not publicly exposed, you might get the ‘ssl_error_bad_mac_alert‘ error with a lot of valid SSL web servers until you find the time to access Firefox’s Advanced Preferences and enable Security.SSL3.
In case you noticed that the error suddenly started occurring after Firefox updated itself, chances are you’re encountering the problem due to the fact that Security.SSL3 is disabled by default.
Here’s a quick guide on ensuring that Security.SSL3 is enabled on your Firefox browser:
- Open your Firefox browser, type ‘about:config‘ and press Enter to access the Advanced Preferences menu.
- When you see the ‘Proceed with Caution‘ prompt, click on the Accept the Risk and Continue button.
- Inside the Advanced Preferences menu, use the search menu at the top to search for security.ssl3 and press Enter to see the results.
- Once the results are in, scroll down to the bottom fo the screen and locate security.ssl3.
Note: If you have the option to choose from a string, boolean and float, choose boolean. - Next, ensure that the value of security.ssl3 is set to true, then save the modifications and restart your Mozilla Firefox browser.
- Visit the same website that was previously displaying the ‘ssl_error_bad_mac_alert‘ error and see if the issue is now resolved.
Kevin Arrows
Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.