Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cerificate Errors When Browsing Https Sites


  • Please log in to reply
13 replies to this topic

#1 rsa101

rsa101

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 22 September 2008 - 07:58 PM

I have this problem that I am iognoring for the past several months. I noticed that my certificates have been expired already. Everytime I go to sites like Yahoo login mail the GUI is not properly presented and there is an error that says certificate is already expired. I was infected by malware a month ago and I was able to clean my registry and all the files that is infected with the Malware. I was thinking that maybe the malware that put havoc on my PC made my certificates invalid. Can I still restore my certificates because I feel I am not secured browsing if all my certificates are revoked.

Edited by rsa101, 22 September 2008 - 07:59 PM.


BC AdBot (Login to Remove)

 


#2 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 23 September 2008 - 12:31 PM

See this link:

Error Message When You Try to Connect to Secure Site: Client Certificate Has Expired or Is Not Yet Valid
http://support.microsoft.com/default.aspx?...b;EN-US;Q301803

#3 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 23 September 2008 - 06:45 PM

See this link:

Error Message When You Try to Connect to Secure Site: Client Certificate Has Expired or Is Not Yet Valid
http://support.microsoft.com/default.aspx?...b;EN-US;Q301803



Yup I came across this already and checked if the date is incorrect but it is the correct time and date. What else do you think should I do?

#4 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 23 September 2008 - 07:44 PM

Update root certificates link:

https://getca.verisign.com/

#5 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 23 September 2008 - 08:56 PM

Does this mean I have to buy these certificates? It seem I cannot go into the site you recommended I guess its because its https that's why.

Edited by rsa101, 23 September 2008 - 09:02 PM.


#6 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 24 September 2008 - 08:15 AM

rsa101,

sorry about that https site - no verisign site is not a buy but is a https site which is the issue, so here's the link to Microsoft's Update for Root Certificates - not an https site:

http://www.microsoft.com/downloads/details...;DisplayLang=en

tork

#7 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 24 September 2008 - 09:57 PM

rsa101,

sorry about that https site - no verisign site is not a buy but is a https site which is the issue, so here's the link to Microsoft's Update for Root Certificates - not an https site:

http://www.microsoft.com/downloads/details...;DisplayLang=en

tork

This is still what is shown when I access sites that have https..... I already was able to install the other link and the link above.


Secure Connection Failed
www.xxxxxxxxx.com uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate expired on 9/25/2008 7:59 AM.

(Error code: sec_error_expired_issuer_certificate)

* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.

Or you can add an exception…

#8 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 25 September 2008 - 07:54 AM

Here's a link to SECURE CONNECTION FAILED:

http://support.mozilla.com/en-US/kb/Secure+Connection+Failed

#9 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 25 September 2008 - 08:33 AM

I have this problem that I am iognoring for the past several months. I noticed that my certificates have been expired already. Everytime I go to sites like Yahoo login mail the GUI is not properly presented and there is an error that says certificate is already expired. I was infected by malware a month ago and I was able to clean my registry and all the files that is infected with the Malware. I was thinking that maybe the malware that put havoc on my PC made my certificates invalid. Can I still restore my certificates because I feel I am not secured browsing if all my certificates are revoked.

Did you have your HJT log checked by a Trained Helper and did that helper give you the message that 'your computer appears clean'? If not , you may still need a clean -up from the infection :thumbsup:

#10 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 25 September 2008 - 07:13 PM

I have this problem that I am iognoring for the past several months. I noticed that my certificates have been expired already. Everytime I go to sites like Yahoo login mail the GUI is not properly presented and there is an error that says certificate is already expired. I was infected by malware a month ago and I was able to clean my registry and all the files that is infected with the Malware. I was thinking that maybe the malware that put havoc on my PC made my certificates invalid. Can I still restore my certificates because I feel I am not secured browsing if all my certificates are revoked.

Did you have your HJT log checked by a Trained Helper and did that helper give you the message that 'your computer appears clean'? If not , you may still need a clean -up from the infection :thumbsup:



Yes I already submitted my HJT logs to them but not in this forum. I was using a different forum when I submitted my HJT log and they did removed the malware.

#11 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 25 September 2008 - 07:27 PM

rsa101,

sorry about that https site - no verisign site is not a buy but is a https site which is the issue, so here's the link to Microsoft's Update for Root Certificates - not an https site:

http://www.microsoft.com/downloads/details...;DisplayLang=en

tork



Oh well I guess that is the only solution to it. I have been trying to do that already to all my ssl sites. I am just wondering that since I bypassed the warning my access to those sites are compromised because I bypass the warning.

#12 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 26 September 2008 - 10:16 AM

rsa101,

Bypassing a certificate warning is a temporary workaround for a certificate expired error message which allows you to continue with your connection. The workaround temporarily allows you to successfully establish an SSL encrypted session to a secure site.

In my opinion, continuing to use this bypass workaround is not a good idea. You can be putting yourself at risk by ignoring a security certificate expired meesage - it may indicate a genuine security risk - which if I understand what you are doing you are regularly bypassing these errors. Again, it's up to you as to how you proceed but ignoring security warnings is a poor security practice. Not something I would personally do or recommend. If your cetificates are corrupted and/or out of date - updating is recommended. If you choose to do the Root certificate updates and you still have problems then you probably are still infected.

Also, even if you can successfully update the root certificates, ruby1 has an excellent point - Is the computer clean? I'd recommend you get a second opinion of whether or not your computer is completely clean. Better to know than continue with an infected computer.

tork

#13 rsa101

rsa101
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 27 September 2008 - 05:31 AM

rsa101,

Bypassing a certificate warning is a temporary workaround for a certificate expired error message which allows you to continue with your connection. The workaround temporarily allows you to successfully establish an SSL encrypted session to a secure site.

In my opinion, continuing to use this bypass workaround is not a good idea. You can be putting yourself at risk by ignoring a security certificate expired meesage - it may indicate a genuine security risk - which if I understand what you are doing you are regularly bypassing these errors. Again, it's up to you as to how you proceed but ignoring security warnings is a poor security practice. Not something I would personally do or recommend. If your cetificates are corrupted and/or out of date - updating is recommended. If you choose to do the Root certificate updates and you still have problems then you probably are still infected.

Also, even if you can successfully update the root certificates, ruby1 has an excellent point - Is the computer clean? I'd recommend you get a second opinion of whether or not your computer is completely clean. Better to know than continue with an infected computer.

tork


I submitted my HJT log already... I hope they can finally solved this mystery of my PC soon.

#14 tork

tork

  • Members
  • 718 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:here
  • Local time:09:14 PM

Posted 27 September 2008 - 06:50 AM

Good to hear you submitted an HJT log and I wish you good luck in cleaning up your computer.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users