Steps to reproduce: 1. save the following to a pac file: > function FindProxyForURL(url, host) { > if (host == "www.example.com") { > return "HTTPS test2.upsuper.org:89; HTTPS test1.upsuper.org:88"; > } > return "DIRECT"; > } 2. make the system use this pac file 3. visit www.example.com Expected result: It should show something like "No such host at :88" or some proxy error. Actual result: It reports insecure connection, and "test2.upsuper.org:89 uses an invalid security certificate." In this case, test2.upsuper.org:89 uses the certificate of test1.upsuper.org, and thus it is not valid. But given a fallback is provided, Firefox should probably try that first rather than reporting error directly. Chrome does fallback by default. Note, test1. and test2.upsuper.org are not real proxy. They are just simple https server for testing, so even if connect successfully, you would not see the expected page.

Hi Daniel, Do you think this is a dup of bug 1230803?

Yes kind of. Although the reason for this proxy failure (HTTPS verification failed) is new, it is still the same "we should deal with proxy failure and move on to try the next" and that's work mentioned in that bug.