When attempting to access my Apache Tomcat v9 site via HTTPS in Firefox, I am met with:
An error occurred during a connection to localhost:8443. SSL received an alert record with an unknown alert description.
Error code: SSL_ERROR_RX_UNKNOWN_ALERT
The Tomcat server has a certificate that is trusted by my Firefox. The Tomcat server is configured to require client certificates, of which I have one installed, but Firefox is not prompting me to select one.
There are no errors (or messages of any kind) in any logs in Tomcat. The strange thing is that this used to work last week but has stopped. I tried issuing the server a new certificate but that did not resolve this.
It turns out this is the cryptic error you get in Firefox when it cannot find a client certificate to send the server. In my case the client certificate I had installed expired a couple days ago (which is why it used to work) and so Firefox was not sending it to the server and was thus getting that response.
Generating a new client certificate and loading it into Firefox resolved the issue.
I was able reproduce the error later on by selecting "Cancel" when Firefox asks me what client certificate to use.
I am not sure if it's Tomcat giving the weird SSL response of if it's Firefox not able to understand what's going on but I hope this answer helps others facing this issue in the future.