Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Certificate/Registry Problem w/ Browsers


  • Please log in to reply
20 replies to this topic

#1 Zedmond

Zedmond

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 01:14 PM

I've been having an issue getting a secure connection to websites. And being the novice that I am, have no understanding of certificates, ssl, exceptions, fingerprints, and everything else that I have since come across while researching what to do about my browser connection problem. My fear is that somehow my browser has become compromised and the certificates altered. Also, there was one occasion shortly before the problem in which I found myself foolishly playing in the registry altering and deleting things. (don't ask why) :lmao:

 

I'm pretty sure certificates were what got changed and deleted when I was messing around in the registry. I'm trying to import the old certificates that were lost but can't find some. Maybe that normal I'm not sure. When I view certificates through IE there are none for "personal," "other people," and "untrusted publishers." There is only 1 certificate for "trusted publishers," Is that normal? There is a good amount for "intermediate" and "root."

 

I decided t check the registry at: HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates and no matter what certif i clicked on the registry showed:

 

(Default) (REG_SZ)  (Value not set)

Is that a problem?

 

THANKS



BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 17 February 2016 - 02:25 PM

Hi,
 
- Please post what is the Windows version (7, 8, 10) you are using?

 

- The exact error you see when connecting and using which browser?


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 03:57 PM

Hi,
 
- Please post what is the Windows version (7, 8, 10) you are using?

 

- The exact error you see when connecting and using which browser?

I apologize for not being specific.

 

Windows 10. I'm not seeing an error at this point I just don't have a secured connection to most sites when using my primary Firefox browser or any other.



#4 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 17 February 2016 - 04:07 PM

Hi,
 
Try to access https://www.google.com and tell me the error presented or describe what happens.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#5 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 04:11 PM

There were no problems.



#6 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 04:14 PM

Things have improved a bit over the last couple days because I refreshed the browser. My main concern is the registry settings/values for certificates and the fact that I don't have certificates in numerous certificate groups.



#7 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 17 February 2016 - 04:14 PM

There were no problems.


Do you have problems accessing a specific website?

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#8 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 04:16 PM

At this very moment no. Should I create an exception for this site?



#9 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 17 February 2016 - 05:45 PM

At this very moment no. Should I create an exception for this site?


which site?

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#10 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 17 February 2016 - 06:05 PM

Bleepingcomputer.com

 

It's http but we can trust it correct?



#11 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 17 February 2016 - 06:19 PM

http:// websites don't need any exclusion.

 

The browser only ask to add an exclusion when accessing https:// sites (secure sites related with the exchange of private information) if the site isn't using a recognized (commercial) certificate or something is wrong with the certificate used (week security keys used for example).


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#12 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 18 February 2016 - 02:04 AM

http:// websites don't need any exclusion.

me

The browser only ask to add an exclusion when accessing https:// sites (secure sites related with the exchange of private information) if the site isn't using a recognized (commercial) certificate or something is wrong with the certificate used (week security keys used for example).

oooh, I thought that it was always better to connect https even if site is http as long as they are a known trusted site. I' m on Widers forum as well and I was directed to connect https & create an exception even though their certificate is expired?...



#13 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 18 February 2016 - 04:30 AM

oooh, I thought that it was always better to connect https even if site is http as long as they are a known trusted site.

 

Yes it's true specially if you are exchanging sensitive data with the website. Not exactly on a open forum like this.

 

I' m on Widers forum as well and I was directed to connect https & create an exception even though their certificate is expired?...

 

When something isn't right with the certificates the browser alert you and you need to add some exception to bypass the warning if you trust the site and consider that the problem is not serious.

 

Running an https website costs more money (certificates, more bandwidth, etc.) that's probably the main reasons many websites don't use them and some should have due to the type of service provided.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#14 Zedmond

Zedmond
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 19 February 2016 - 02:58 AM

 

Yes it's true specially if you are exchanging sensitive data with the website. Not exactly on a open forum like this.

So unless I'm accessing email or making a payment of some kind I don't need to be concerned about a secure connection in regards to data theft, but what about in regards to general privacy?

 

Running an https website costs more money (certificates, more bandwidth, etc.) that's probably the main reasons many websites don't use them and some should have due to the type of service provided.

Thanks that was my next question.

 

Back to my initial post, can I assume that the state of my certificates & registry is okay?



#15 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:16 PM

Posted 19 February 2016 - 04:45 AM

 

Yes it's true specially if you are exchanging sensitive data with the website. Not exactly on a open forum like this.

So unless I'm accessing email or making a payment of some kind I don't need to be concerned about a secure connection in regards to data theft, but what about in regards to general privacy?

 

 
Exactly. Not sure what you mean by general privacy, many people don't realize that there is almost no privacy on the internet...
What you can do is take some measures to reduce what you expose:
 
- http://techland.time.com/2013/07/24/11-simple-ways-to-protect-your-privacy/
- https://www.microsoft.com/security/online-privacy/prevent.aspx
- http://www.techsupportalert.com/content/how-protect-your-online-privacy.htm
- https://www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy
 

 

Running an https website costs more money (certificates, more bandwidth, etc.) that's probably the main reasons many websites don't use them and some should have due to the type of service provided.

Thanks that was my next question.
 
Back to my initial post, can I assume that the state of my certificates & registry is okay?

 

 
I think it's ok. Windows auto updates the certificates from time to time so if some are missing they should be reinstalled.


Edited by SleepyDude, 19 February 2016 - 04:49 AM.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users