Jump to content

Certificate errors on many websites

can_of_lit
 Share
Posted

Hi all, on my windows 10 pro computer, there's been a problem with most websites showing up as having an invalid certificate, even trusted sites like cnet.com (not only website just an example). It says, your connection isn't private, and when I click on proceed anyway, I checked the certificate and it says that it's invalid. Some websites, it won't even let me click on proceed anyway (there's no option to), and says instead. "You cannot visit www.example.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later." This happens on all browsers. I think one of the causes for this is my dad's work applications. He has to use a vpn and stuff to remotely access his work desktop, and it messes up with the settings and whatnot. This problem was on my surface pro, which he also downloaded his work stuff for, and it was fixed after resetting windows completely. This isn't an option for me since I have too much important stuff on it. I tried to reinstall windows and I selected, "keep apps and files". No luck with that. Also made sure my time and stuff was correct. For these websites that I'm able to click on proceed anyway, the certificate is issued by "R3". The ones that don't give any warning don't say issued by R3 though.

The applications he used were Big IP F5 and Citrix reciever.

Link to comment
https://linustechtips.com/topic/1395030-certificate-errors-on-many-websites/
Share on other sites
Link to post
Share on other sites
Posted (edited)
1 hour ago, can_of_lit said:

Hi all, on my windows 10 pro computer, there's been a problem with most websites showing up as having an invalid certificate, even trusted sites like cnet.com (not only website just an example). It says, your connection isn't private, and when I click on proceed anyway, I checked the certificate and it says that it's invalid. Some websites, it won't even let me click on proceed anyway (there's no option to), and says instead. "You cannot visit www.example.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later." This happens on all browsers. I think one of the causes for this is my dad's work applications. He has to use a vpn and stuff to remotely access his work desktop, and it messes up with the settings and whatnot. This problem was on my surface pro, which he also downloaded his work stuff for, and it was fixed after resetting windows completely. This isn't an option for me since I have too much important stuff on it. I tried to reinstall windows and I selected, "keep apps and files". No luck with that. Also made sure my time and stuff was correct. For these websites that I'm able to click on proceed anyway, the certificate is issued by "R3". The ones that don't give any warning don't say issued by R3 though.

The applications he used were Big IP F5 and Citrix reciever.

There are a couple of possibilities I can think of:  

1) the certificates actually are bad.  This does happen occasionally.  Generally when some Sysop has screwed up.  It’s not common though. 

2) they’re only listing as bad.  Could be because your computer isn’t reading then right for some reason.  This would mean all sites would have bad certificates though.  You are saying only most, which makes the whole thing weird.  Might then have something to do with what system they are running and this how the certificate is being presented.  The why of that one eludes me.  I’m just guessing.


I was getting bad certificates at one point repetitively from Mozilla for example, which is not a site where that sort of thing would be ignored.   It eventually went away though after I updated my OS. Perhaps one of those one click “refresh” type things would help if you’re running windows. Might help, might not.

Edited by Bombastinator

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
Posted

The organisation is just R3?  Can you see when the expiry date for the certificate is? 

 

Overall pretty dodgy. Do your certificate issues occur when you are disconnected from the VPN?  If not, then it's probably just some work firewall as it goes through the VPN, if so, it shouldn't do. 

 

Personally, I'd call up his work or get your dad to send an email to their support desk asking to confirm if the details for the certificate match theirs, and if not, then I'd report it as a security incident. 

 

Might be paranoid, but corporate attacks are becoming much more common.

 

To stay on the side of caution, reset your passwords to your most critical accounts from another device without this error for now, in-case it is actually something malicious. 

Link to post
Share on other sites
Posted
  • Author
37 minutes ago, Akolyte said:

The organisation is just R3?  Can you see when the expiry date for the certificate is? 

 

Overall pretty dodgy. Do your certificate issues occur when you are disconnected from the VPN?  If not, then it's probably just some work firewall as it goes through the VPN, if so, it shouldn't do. 

 

Personally, I'd call up his work or get your dad to send an email to their support desk asking to confirm if the details for the certificate match theirs, and if not, then I'd report it as a security incident. 

 

Might be paranoid, but corporate attacks are becoming much more common.

 

To stay on the side of caution, reset your passwords to your most critical accounts from another device without this error for now, in-case it is actually something malicious. 

Forgot to say this, but I completely unninstalled all of the applications and made sure there are no xtra files or anything. The dates show that it's in the time span, which is realy weird. And yes, all it says is "R3"

 

Link to post
Share on other sites
Posted
  • Author
1 hour ago, Caroline said:

Are the programs still installed? what about the VPN? it sounds like those sites are blocked. Big IP does that.

 

You know, companies are miniature totalitarian regimes and you can only access the sites the supreme leader allows. [r/antiwork intensifies]

that could be it tbh

 

Link to post
Share on other sites
Posted
1 hour ago, can_of_lit said:

Forgot to say this, but I completely unninstalled all of the applications and made sure there are no xtra files or anything. The dates show that it's in the time span, which is realy weird. And yes, all it says is "R3"

 

If the certificate is not yet expired, and is still causing errors in your browser it means the authority isn't trusted. 

 

That's definitely really dodgy, you'd see something similar in a man in the middle attack - except normally you'd expect some kind of company Trojan to install the certificate on your actual machine and trust it. 

 

Either way, dodgy as hell - if you don't get this on other devices, and your dad did only do his work stuff then it means his work must have installed something dodgy. 

 

I work for a corporate, which requires me to use multiple layers of VPN's and remote desktops to get to the environment I actually do my work - and I've never had any 3rd party certificates installed on my machine. 

 

Get your dad to send an email to his company's Corporate IT to check if it's normal at least. 

Link to post
Share on other sites
Posted
  • Author
8 hours ago, Akolyte said:

If the certificate is not yet expired, and is still causing errors in your browser it means the authority isn't trusted. 

 

That's definitely really dodgy, you'd see something similar in a man in the middle attack - except normally you'd expect some kind of company Trojan to install the certificate on your actual machine and trust it. 

 

Either way, dodgy as hell - if you don't get this on other devices, and your dad did only do his work stuff then it means his work must have installed something dodgy. 

 

I work for a corporate, which requires me to use multiple layers of VPN's and remote desktops to get to the environment I actually do my work - and I've never had any 3rd party certificates installed on my machine. 

 

Get your dad to send an email to his company's Corporate IT to check if it's normal at least. 

Will do, thanks

 

Link to post
Share on other sites
Posted
1 hour ago, Clueless Rabbit said:

Is your PC's system time and date correct?

 

If it isn't this can cause certificates to be treated as invalid.

Torn between agree and like for that one.  Good point.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
Posted

R3 is a LetsEncrypt intermediate - and for reasons, not every system trusts the entire letsencrypt root and intermediate stack.  I'd start by importing the lot.  Also, the work stuff does tend to mess with certificates if work uses an internal PKI.

 

https://letsencrypt.org/certificates/

 

 

Next, look for any proxy that may be doing some HTTP intercept work in your system proxy settings.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Windows

×