Fixed “Execute TLS handshake” in Firefox

The “Execute TLS Handshake” problem in Firefox is a sort of error message that users get when loading certain websites. This message leaves you hanging for a long time and causes the browser to slow down.

What is TLS Handshake?

What is TLS Handshake?

TLS stands for Transport Layer Security. It is the exchange of information between your web browser and the web site you want to visit. The browser starts by asking for the original server of the site. This is done for security reasons, to confirm and verify each other, and to set up TLS encryption algorithms, versions, and session keys. This is usually done during the HTTPS protocol when you download HTTPS sites as a TLS handshake. If you get a “Running TLS handshake” error, the browser is taking too long to verify the website. Therefore, you cannot load the site in your browser.

Now there are several methods you can use to solve the TLS Handshake Execution problem. In this article, I will show you some ways to solve the Performing TLS Handshake error in Firefox. Let’s get started.

What is the cause of the Performing TLS Handshake error in Mozilla Firefox for Windows?

What is the cause of the Performing TLS Handshake error in Mozilla Firefox for Windows?

Several factors can slow down your browser and cause it to hang during a TLS handshake. We have created a list of several possible causes that you should check below!

Recently added add-ons – Extensions and plug-ins can cause this problem, especially if you added them recently. An addon doesn’t have to be malicious to cause this problem, but it should be removed if you find that it has caused this problem.

Installed anti-virus software – Most anti-virus programs have HTTP(S) checks that perform additional checks in addition to the checks that already occur when you open a website.
This can increase site load time, and we recommend that you disable these features in your browser.

IPv6 and DNS issues – Some users have experienced issues with IPv6 connectivity and/or their DNS addresses. Disabling IPv6 and/or changing your DNS address should be enough to resolve the problem in this scenario.

How do I fix the “Running TLS handshake” error in Mozilla Firefox for Windows?

How do I fix the "Running TLS handshake" error in Mozilla Firefox for Windows?

Create a new profile

The first thing you should try is to create a new Firefox profile. When you use Firefox, all of your user settings are linked to a specific profile. The data in your profile may contain misconfigured options or incorrect data, resulting in unusual and hard-to-find errors. It’s easy to get started here, and it will clarify whether the problem is related to settings in Firefox or elsewhere.

First, open a new tab and paste about: profiles into the address bar and press Enter. The profile manager will open. Click “Create New Profile” and follow the wizard. Click on “Set as Default Profile,” then close and restart Firefox. Try visiting a few sites that have a “doing TLS handshake” status. If they load normally now, you know the problem is with your Firefox profile (not with the site itself or your Internet connection).

You can try to restore your original profile (remember to go back to it with the profile manager), but it will be hard to isolate the problem (check if you have set up a proxy connection and try to disable your add-ons), and it may be because of corrupted data in your profile that cannot be easily restored. Instead, you should move important data to the newly created profile. There is also a small possibility that the cause is related to self-signed certificates.

If you are a developer or use interval/private sites, you should check this next solution :

Self-signed certificates with identical subject/issuer information.

If this problem occurs with sites using self-signed certificates, there may be a problem with the way Firefox scans SSL certificates.

Note that if you encounter this problem on common websites such as Google.com, Facebook.com, or Amazon.com, this is not the cause of your problem. It mostly affects developers and users of internal/private sites and services.

If you see slow handshakes on a site with self-signed certificates where the certificate has been replaced several times with new certificates, all of which have the same subject/issuer information (all information in the “Issuer” and “Subject” fields is the same for all certificates), Firefox will eventually choke because of the number of possible path construction combinations.

An example of this would be a service that generates a new certificate for “local domain. test” on every reboot, visits it several times, and accepts the self-signed certificate. Firefox will then store all these certificates in its local database and compare them all to each other to see if there is a correct path.

Following the steps above, creating a new profile will temporarily solve the problem. To see if this is the cause, go back to your profile (following the instructions above) and then open the profile folder in your operating system’s file explorer.

An easy way to do this is to go to the Support section, and then click “Open Folder” in the Profiles folder. Find cert8.db in your file explorer and rename the file (for example, “cert8.db.bak”) so that Firefox will replace it. Restart your browser and try accessing another site. If the page loads normally, you have confirmed that the problem is related to a local certificate database that stores too many self-signed certificates with the same name.

Firefox slows down noticeably after saving 7-8 self-signed certificates with the same name. After saving 10, it slows down considerably and can hold in “Do TLS handshake” mode for 30 seconds or more. If it takes time to accumulate that many identical certificates, it may be convenient to just repeat this process every few months. Otherwise, you will have to adapt the way your service generates new certificates so that they do not contain identical information.

Wait for it

If this problem occurs suddenly, it could be due to temporary network problems. If all HTTPS connections suddenly load slowly, your ISP may be having trouble connecting. If only certain websites are involved, the problem may be related to blockchain verification, part of the TLS handshake that requires you to connect to third-party servers.

If the problem resolves itself within a day, that’s probably the problem.

Frequently Asked Questions

Click the "Set as default profile" button, then close and restart Firefox. Try visiting a few sites that are stuck in the "Perform TLS Handshake" status. If they load normally now, you'll know that the problem is with your Firefox profile (not with the site itself or your Internet connection).

  1. Press the Windows + I keys on your keyboard.
  2. While in the Settings app, select Time and Language.
  3. Go to the right pane and set the switch to "Automatically set time on".
  4. Restart your computer, then try accessing the website again to see if the TLS handshake error is gone.

An SSL/TLS handshake is a negotiation between two parties on a network - for example, between a browser and a Web server - to determine the details of their connection.

Thus, SSL is not a completely secure protocol in 2019 and beyond. TLS, the most modern version of SSL, is secure. Besides, newer versions of TLS offer performance advantages and other improvements. Not only is TLS safer and more powerful, but most modern web browsers no longer support SSL 2.0 and SSL 3.0.