Just a heads up, a brand new install of firefox claims your certificate for https://secure.allakhazam.com is invalid. It claims that the CA is untrusted.
When I view the certificate in firefox it shows:
Could not verify certificate for unknown reasons.
CN = VeriSign Class 3 Secure Server CA - G2
OU = Terms of use at https://www.verisign.com/rpa (c)09
OU = VeriSign Trust Network
O = "VeriSign, Inc."
C = US
Not Before: 10/12/2009 19:00:00 PM
(10/13/2009 0:00:00 AM GMT)
Not After: 10/17/2010 18:59:59 PM
(10/17/2010 23:59:59 PM GMT)
CN = secure.allakhazam.com
OU = Terms of use at www.verisign.com/rpa (c)05
O = Zam Network LLC
L = Los Angeles
ST = California
C = US
In order to login I had to add an exception for this certificate.
- Forums
- Cross Site
- Site and Forum Feedback
- Invalid SSL Cert
Invalid SSL CertFollow
IE8 does not complain.
Here is some CP from the invalid cert page:
This Connection is Untrusted
You have asked Firefox to connect
securely to secure.allakhazam.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.
Technical Details
secure.allakhazam.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
I Understand the Risks
If you understand what's going on, you
can tell Firefox to start trusting this site's identification.
Even if you trust the site, this error could mean that someone is
tampering with your connection.
Don't add an exception unless
you know there's a good reason why this site doesn't use trusted identification.
Here is some CP from the invalid cert page:
Quote:
This Connection is Untrusted
You have asked Firefox to connect
securely to secure.allakhazam.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.
Technical Details
secure.allakhazam.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)
I Understand the Risks
If you understand what's going on, you
can tell Firefox to start trusting this site's identification.
Even if you trust the site, this error could mean that someone is
tampering with your connection.
Don't add an exception unless
you know there's a good reason why this site doesn't use trusted identification.
#3REDACTED,
Posted: Nov 24 2009 at 7:23 AM, Rating: Sub-Default, (Expand Post) Really... a security issue such as this on a site that has got to be a high interest target for some and not a single reply by now?
Seems to be working fine for me. Is it still not working for you?
windexy wrote:
Really... a security issue such as this on a site that has got to be a high interest target for some and not a single reply by now?
Yeah I get that its PROBABLY nothing but seriously?
Yeah I get that its PROBABLY nothing but seriously?
Well, I went down half a page and saw the other thread on the topic where they had said that the certificate was fine and only a select few were still seeing this problem. I guess we assumed you could do the same as well? ;)
◕ ‿‿ ◕
Quote:
Seems to be working fine for me. Is it still not working for you?
Yeah, still not working. Here is why:
http://tiptt.blogspot.com/2009/10/untrusted-connection-error-of.html
Quote:
The Reason
(skip this section and go directly to the solution if you don't care about the technical details.)
The reason why you have encountered such an error is that to encrypt their transactions, softmoc.com use a certificate signed by a Chained/Intermediate Certificate from VeriSign (one of the major certificate authorities). This Chained/Intermediate Certificate is named VeriSign Class 3 Secure Server CA - G2. By default, it is not added to Firefox's Certificate Manager. However, if the website were configured properly, it would send the whole certificate chain to Firefox so that Firefox could trust the Chained Certificate. Apparently, softmoc.com is not properly set up.
The good news is that Firefox can automatically add those intermediate certificates it trusts. So if we have ever visited a website which properly uses the certificate of VeriSign Class 3 Secure Server CA - G2, our Firefox would know this certificate is good. Consequently, Firefox would trust softmoc.com. I have done a little search and found the website that correctly uses this missing intermediate certificate.
(skip this section and go directly to the solution if you don't care about the technical details.)
The reason why you have encountered such an error is that to encrypt their transactions, softmoc.com use a certificate signed by a Chained/Intermediate Certificate from VeriSign (one of the major certificate authorities). This Chained/Intermediate Certificate is named VeriSign Class 3 Secure Server CA - G2. By default, it is not added to Firefox's Certificate Manager. However, if the website were configured properly, it would send the whole certificate chain to Firefox so that Firefox could trust the Chained Certificate. Apparently, softmoc.com is not properly set up.
The good news is that Firefox can automatically add those intermediate certificates it trusts. So if we have ever visited a website which properly uses the certificate of VeriSign Class 3 Secure Server CA - G2, our Firefox would know this certificate is good. Consequently, Firefox would trust softmoc.com. I have done a little search and found the website that correctly uses this missing intermediate certificate.
Quote:
The Solution
Go to one of the web page of the famous Sun Microsystems company: https://getupdates2.sun.com/. The web page will prompt you a dialogue to ask for user name and password. We don't want to do anything with this website, so just click the Cancel button. After that, the required issuer certificate is known and added by Firefox.
Go to one of the web page of the famous Sun Microsystems company: https://getupdates2.sun.com/. The web page will prompt you a dialogue to ask for user name and password. We don't want to do anything with this website, so just click the Cancel button. After that, the required issuer certificate is known and added by Firefox.
Edited, Nov 24th 2009 11:50am by windexy
Quote:
Well, I went down half a page and saw the other thread on the topic where they had said that the certificate was fine and only a select few were still seeing this problem. I guess we assumed you could do the same as well? ;)
If only there were a way to search through forum posts... ;)
Still see this error every time I try to log on from my college campus.
Even if I use the same computer it will happen every day, because apparently they do system resets or something every day that would cause various things, including the security exceptions, to be reset. Because of that I'm guessing I'll just have to deal with it, at least when I log on at school >_>
Even if I use the same computer it will happen every day, because apparently they do system resets or something every day that would cause various things, including the security exceptions, to be reset. Because of that I'm guessing I'll just have to deal with it, at least when I log on at school >_>
Recent Visitors: 129
All times are in CST
Anonymous Guests (129)
- Forums
- Cross Site
- Site and Forum Feedback
- Invalid SSL Cert
© 2024 Fanbyte LLC