Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Use this forum to get help.

Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby ndnduk » Fri Dec 18, 2015 2:02 am

I'm getting this scary error when I try to login using Google Chrome browser.

Your connection is not private

Attackers might be trying to steal your information from www.spamgourmet.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_REVOKED

www.spamgourmet.com normally uses encryption to protect your information. When Chrome tried to connect to www.spamgourmet.com this time, the website sent back unusual and incorrect credentials. Either an attacker is trying to pretend to be www.spamgourmet.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit www.spamgourmet.com right now because this certificate has been revoked. Network errors and attacks are usually temporary, so this page will probably work later.
ndnduk
 
Posts: 2
Joined: Tue Apr 28, 2009 7:29 pm

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Gilla » Sat Dec 19, 2015 1:53 am

You can bypass this in IE, goto internet options, advanced, and uncheck the certificate revocation. Says it requires restart of computer
Make sure to turn that back on once this gets resolved, it's not something that's a good idea to disable.

Still trying to figure out if this is possible in Chrome.
Gilla
 
Posts: 6
Joined: Sun Jun 09, 2013 12:55 am

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Gilla » Sat Dec 19, 2015 2:19 am

Likely related to this:
https://blogs.technet.microsoft.com/mmp ... -internet/

MS just revoked a bunch of CAs that didn't do what they said
Gilla
 
Posts: 6
Joined: Sun Jun 09, 2013 12:55 am

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Jim27106 » Sat Dec 19, 2015 5:36 am

I suspect MSFT had good reasons for doing it. The error we got in Chrome seems to misrepresent the problem.
Jim27106
 
Posts: 92
Joined: Sun Mar 05, 2006 8:07 am

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Clewby » Mon Dec 21, 2015 10:17 am

My revision of Firefox on Windows 32 (43.0.01) doesn't complain.

It shows the Spamgourmet certificate as being Issued by "EssentialSSL CA", which is part of Comodo.

Issued to:
Common name (CN): http://www.spamgourmet.com
Organisation (O): <Not Part Of Certificate>
Organisational Unit (OU): Domain Control Validated
Serial Number: 11:5E:B4:39:FD:DE:33:86:00:9F:46:FF:04:24:21:3B

Issued by:
Common name (CN): EssentialSSL CA
Organisation (O): COMODO CA Ltd
Organisational Unit (OU): <Not Part Of Certificate>

Period of Validity:
Begins On: 05 April 2013
Ends On: 05 April 2016

Fingerprints:
SHA-256 Fingerprint: 20:A8:02:60:5D:9A:5D:D8:38:19:CC:A1:99:32:26:76:24:72:A3:30:45:EF:D8:2E:23:00:6F:75:C5:6C:EB:AF
SHA-1 Fingerprint: 0A:FE:51:3E:85:FC:94:B4:AE:26:40:65:45:93:6F:4E:49:5E:F9:EE

The notification being given by IE is that the certificate has been revoked. Firefox says nothing.

I don't _think_ this is to do with Microsoft no longer recognising particular Certificate Authorities, especially as that is not meant to take place until January 2016, and neither Comodo nor EssentialSSL are on the list of Certificate Authorities to be removed ( https://blogs.technet.microsoft.com/mmp ... -internet/ ).

This is a Certificate Revocation List checker - you can read the output yourselves:

https://certificate.revocationcheck.com ... ourmet.com

Possibly Microsoft have become strict about RFC 5019 and 5280 compliance?

One thing to note is that the SSL certificate is signed with SHA-1. This will be deprecated 'soon', and the maintainers of Spamgourmet will need to obtain a SHA-2 signed certificate for the service to continue after SHA-1 signed certificates are deprecated. I don't think this is causing the current problem.

It looks like IE and Chrome believe the SSL certificate to have been revoked.
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Clewby » Wed Dec 30, 2015 9:38 am

Still getting the Certificate error

"This organization's certificate has been revoked."

IE8-cert-err.png
IE8-cert-err.png (65.51 KiB) Viewed 32253 times


This is on IE8

IE8.png
IE8.png (25.47 KiB) Viewed 32253 times


I believe Chrome users also get it (I don't have Chrome to check). Firefox is allowing access.

My reading of the CRL as interpreted by this website ( https://certificate.revocationcheck.com ... ourmet.com )is that it should be fine. I am unable to diagnose the problem, but it is causing a problem for some Spamgourmet users that I 'support'. Can anyone with more experience explain what is happenening and/or provide a fix?
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby TerDale » Sun Jan 03, 2016 1:31 pm

Could anyone from Spamgourmet give us a status on this issue, and how to work it around ? TIA
TerDale
 
Posts: 23
Joined: Fri Oct 01, 2004 8:03 am
Location: France

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby josh » Wed Jan 06, 2016 4:13 pm

I could never reproduce the issue, even with IE, but I did get a lot of reports.

The certificate we were using was valid through April 2016, and I have no reason to think it was actually revoked.

Nevertheless, I just installed a new certificate (valid through 2019) - it's also a Comodo cert, but hopefully these browsers will like it better.
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby TerDale » Wed Jan 06, 2016 5:46 pm

Just tried with Chrome 47, and it works fine, thanks Josh!
TerDale
 
Posts: 23
Joined: Fri Oct 01, 2004 8:03 am
Location: France

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby vilait » Wed Jan 06, 2016 6:03 pm

Thanks josh!
Works perfect with IE 11, Chrome 47 and Firefox 43. All tested with and without sandboxie. No problems.
vilait
 
Posts: 1
Joined: Tue Jan 05, 2016 5:44 pm

Re: Login Error, Certificate Revoked, NET::ERR_CERT_REVOKED

Postby Clewby » Sun Nov 27, 2016 12:03 pm

Very belated thanks: what you did appears to have resolved the issue the person I was helping was experiencing too.

I'd love to know what the actual problem was, but as you couldn't reproduce it, it seems destined to remain forever a mystery. Such is life.
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm


Return to Support / Hilfe / ayuda / ondersteuning / ...

Who is online

Users browsing this forum: Majestic-12 [Bot] and 26 guests

cron