Ubuntu :: Firefox 3.6.12 On 10.10 Ssl Security Certificate Error (Comodo Certs)?
Dec 6, 2010
Firefox 3.6.12 on Ubuntu 10.10 on my desktop computer is reporting a "this connection is untrusted" error for sites that have security certificates provided by COMODO. Yet, the same sites work fine in Firefox 3.6.x on Windows XP, or Chromium in Ubuntu. Here is the more specific message: "The certificate is not trusted because the issuer certificate is unknown.
(Error code: sec_error_unknown_issuer)" The issuer is listed as "COMODO High Assurance Secure Server CA." Here are some examples that throw this error for me:[URL]... It appears that there was some controversy with COMODO and Mozilla (due to bad behavior by COMODO) in the past, but all I can find on that indicates that this should be not an issue any longer.
Anybody with ideas?
View 1 Replies
ADVERTISEMENT
Mar 25, 2010
Having read how a private company is providing governments (and probably criminals) with a box that can listen in on SSL traffic by the use of forged CA certificates - [URL]. It turns out there's already a forged certificate in Firefox 3.6.
Go to Edit>Preferences>Advanced>Encryption>View Certificates and look for 'Equifax Secure Inc.' - You should see a proof-of-concept rogue certificate called 'MD5 Collisions Inc.' and a link to phreedom which explains the method used to generate it. That little lock doesn't necessarily mean that you're safe...
View 4 Replies
View Related
May 19, 2011
I get an Untrusted Connection error when I visit this site to login into my GRE account, and I cannot add it as an exception, in Mozilla Firefox 4.0 on Ubuntu 11.04. When I visit the site using Chrome, I have no issues. Is this a bug in Firefox's certificate management? I'm using Ubuntu 11.04. I do not get this error in Windows' Firefox 4.0.
View 3 Replies
View Related
Jan 5, 2011
The problem is here:When I was open gmail in my system Certificate Error is coming. The error details:
This Connection is Untrusted You have asked Firefox to connect securely to url, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
code....
View 7 Replies
View Related
Jan 25, 2010
Occasionally my machine displays the following warning whenever left to itself for an hour or so. "www.windowsvistatestdrive.com:443 uses an invalid security certificate. The certificate expired on 09/16/2009 10:52 AM. (Error code: sec_error_expired_certificate)"
I am not trying to access this site. It is not always the same url. My machine, described below, is networked to an XP machine which recently had to be recovered after a viral attack. Since I am not usually interested I decline to use the certificate and the warning goes away.
View 2 Replies
View Related
Aug 24, 2011
I'm trying to install an Ubuntu cloud on my home network - I've been following this guide. When I arrived at STEP 6: Install an image from the store PART 3: Click on the Store tab I get the following error message on the page: Error 60: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
View 1 Replies
View Related
Apr 14, 2010
this is not on the master node, but rather the node that is being replicated to. The problem occurs when i query using ldapsearch or an `getent passwd` EG ldapsearch:
Code:
[root@cakeslave ~]# ldapsearch -x -b 'cn=Christian Unger,ou=People,dc=example,dc=org' -D "cn=replica,dc=example,dc=org" -H ldaps://cakeslave.example.org -w cakewalk
ldap_bind: Can't contact LDAP server (-1)
additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[code]....
The cacert.pem in /etc/ssl/certs and /etc/openldap/certificate are identical (check using md5sum). I have done an strace and found that it looks at /etc/pki/tls/cert.pem .
View 6 Replies
View Related
Mar 22, 2011
Have extensively Googled and searched on here, but with no success. We have a MYPC service at our company, but our support staff have been well trained in the phrase..."we do not offer support for Linux", but the MYPC service that we have did work recently under Ubuntu 9.04 that I had at home, however since upgrading both my laptop and desktop to 10.10 and 10.4 respectively, neither now work when I use the Citrix 11 Receiver client.
I get; "You have not chosen to trust "GeoTrust Global CA", the issuer of the server's security certificate (SSL error 61." So I got, what I thought were the relevant certificates from [URL].. tes/index.html (see image for a list of certificates) but still no joy. whilst I don't want to call my support department, I wonder if they have taken a conscious decision to block access to the MYPC system from anything other than Windows OSs?
View 4 Replies
View Related
Jun 20, 2011
I had to do a hard shut down on my linux computer. Every since then it is not working properly and I get an invalid certificate on every page.I have never upgraded Debian since I installed it two years ago. With my experience with Gentoo I have found that upgrades can be a problem and it worked fine so I never messed with it.
View 9 Replies
View Related
Apr 2, 2009
I am having issues with using OpenSSL. How do I view the currently used certificate? Also, do you know of a good site that has instructions on how to install a certificate. The previous user installed a GoDaddy cert for an FTP server and I need to update it because it's expiring real soon.
View 10 Replies
View Related
Jun 15, 2010
Got F13 installed yesterday, this afternoon I suddenly started getting Secure Connection Failed warnings. I'm not sure whose problem it is because it mentions uses an invalid security certificate.This certificate is only valid for *.opendns.com(Error Code: ssl_error_bad_cert_domain)It continues to say that someone could be impersonating the actual server. I am still receiving mail through google and my google calendars seem to be working. I do use OpenDNS for my DNS instead of my ISPs (Comcast which would very often slow down) and obviously I use IMAP mail with google on Thunderbird. So is it google, or OpenDNS, or Thunderbird that has a problem. Firefox does not seem to have a problem
View 2 Replies
View Related
Apr 14, 2011
How can I add an existing certificate (pem format) as trusted in Fedora via the command line?Do I have to copy the files to a certain keystore? Where does Fedora store the trusted certificates
View 2 Replies
View Related
Apr 7, 2010
When running MUTT on a RHEL 5.4 box, I get the message:
------------------------------------------------------
Server certificate has expired
This certificate belongs to:
localhost.localdomain
Unknown
SomeOrganization
SomeOrganizationalUnit
[URL]
I choose "accept always", but the same message appears next time. I do not wish to have a certificate requirement for MUTT and did not intentionally set the program up to include this feature. How can I get rid of it? My second choice would be to get a new certificate, but then I have to go through this every year. I have MUTT working on two other servers and this does not happen.
View 3 Replies
View Related
Mar 19, 2010
I was trying to configure user authentication in SSH using certificate method.As u all know the usual way of authentication is using the ssh-keygen method. But i want the another method where we create a certificate key and send it to the CA, which signs it and send back etc etc.I cannot find any unique procedure in the net to configure this method.
View 3 Replies
View Related
Apr 25, 2009
I just upgraded from Ubuntu 8.10 to 9.04. I installed Webmin 1.470 but when I tried to run it from Firefox 3.09 I got the following message.
localhost:10000 uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_untrusted_issuer).
Never had this problem with Ubuntu 8.04.
View 9 Replies
View Related
Mar 19, 2011
I went to visit a website that I frequent and firefox through a error that basically said that the internet connection might be being tampered with and that the website was not authenticated. Meaning someone might be trying to load a fake website into my browser and impersonate the website to give me viruses or something.It's a website I frequent. Also the website doesn't have the www. in the url.[URL]..
View 9 Replies
View Related
Aug 6, 2011
Ubuntu shows the following error message when I try to launch Firefox "Could not initialize the application's security component. The most likely cause is problems with files in your application's profile directory. Please check that this directory has no read/write restrictions and your hard disk is not full or close to full. It is recommended that you exit the application and fix the problem. If you continue to use this session, you might see incorrect application behaviour when accessing security features." No other program including Google Chrome has this problem.
View 2 Replies
View Related
Mar 9, 2011
I want to enable sshd from Internet, but I want to secure it as much as possible.Therefore, despite the fact that the service will run on a tcp port above 2000 to prevent most scans, I would like to :- First, force the use of a client certificate, to avoid brute force attack on my users/passwords- second force the use of a username/password to avoid someone having access to my system just by stealing my key..When I look at the configuration, it's possible to enable both, but one of them is sufficient to login, but I can't find how to make them both mandatory...
View 2 Replies
View Related
Oct 7, 2010
At the login webpage of <[URL]>, the Time Warner Cable (TWC) Webmail site, I am immediately confronted with a warning that the Security Certificate is invalid & that the site is untrusted. This occurs with Firefox, Seamonkey, & Konqueror. This does not occur on Microsoft or Apple systems; I have checked other colleagues machines. I have manually overridden the warning & everything functions fine. I have contacted TWC & am awaiting their tests. But, I would like some independent corroboration from other users in the Linux community. Could some of you perform the test yourself on this URL? An error will be readily apparent.
View 14 Replies
View Related
Jan 4, 2010
I am trying to renew the existing SSL certificate by using genkey for our shopping website. i havent seen any information how to generate a new certificate for. Is any one could tell me how to change SSL certificates?
View 4 Replies
View Related
Jul 13, 2010
I am using the curl version 7.21.0. When I try the curl command from command like, things works fine for the http sites. But when I try https I get certificate error. I have source compiled curl with latest OpenSSL. I have also tried downloading the latest certificate bundle. With the same version of curl, same version of openssl with same certificate file I can get it work on the linux. But in the QNX OS I get this error.
./curl --cacert /mnt/temp/curl-ca-bundle.crt -v https://www.paypal.com
* About to connect() to proxy 172.16.2.17 port 8080 (#0)
* Trying 172.16.2.17... connected
[code]...
View 1 Replies
View Related
Sep 17, 2010
My organization just moved to using a zscaler proxy system. Basically, I have to use a .pac file in Firefox to get onto the proxy, which directs me to a series of two Flash pages, one to input my username, one for the password. After reading through the .pac file, I was able to get some command-line things to work by specifying the proxy given at the end. However, this server uses an SSL certificate that is not emitted by an authority, but rather directly by our organization. In Firefox, I had to import this certificate to enable https:// browsing.
Is there any way to "import" this certificate so that yum can use it? Because yum freezes with the error:
Code:
Could not get metalink [URL] error was
14: Peer cert cannot be verified or peer cert invalid
View 6 Replies
View Related
Aug 11, 2010
We installed 3 new rhel 5.5 systems yesterday; each of which are generating this error " Error: certificate verify failed" in response to a basic "yum update". From what I can gather, via a general search, this may be isolated to x86_64 -- however the references I found were specific to Satellite Server (which we are not using). Never the less, I checked the PATHs for the cert and they are correct. All of our 32 bit systems are running RHEL 5.5 and this is not a problem on any of them.
View 6 Replies
View Related
May 10, 2010
Girlfriend with a problem: she needs to sign up at the unemployment office in Spain. She is here in China. But for reasons unknown, she can't access the bit which she needs to. It says: 'can't set the browser' Java is enabled and so on, we read the instructions. On her windoze computer, she has a digital certificate. I copied it onto my mem-stick. When I try to copy it from my mem-stick to my Linux machine, I can't. Not even as root! The folder is called 'certificado digital' and contains two folders:
Trash.(tilde)1 and VM_Ware_Workstation They both have some kind of encrypted stuff inside. Can this certificate be installed on my machine?? Trash has 5 things, VM_Ware_Workstation has 3 things. The guy who set this up for her told her she must use Mozilla. Is a certificate only valid with a particular browser?
View 13 Replies
View Related
May 16, 2011
I am considering getting certified in Linux Administration.
1) Which organization is best for getting certified?
2) Which books are the best?
3) What topics should one focus on?
AND (the big daddy)
4) Is it worth it to get certified if one does not have a computer science degree and wants to break in to IT?
View 1 Replies
View Related
Sep 29, 2009
I used the Center for Internet Security Benchmark for Apache Web Server v2.1 (January 2008) manual.
This is the guidelines I have to follow when installing and configuring Apache...So the problem arises when we get to page:28
Just after running this command: openssl x509 -in url | more
We get this error:unable to load certificate 31352:error:0906D06C:PEM routines:PEM_read_bio:no start lineem_lib.c:650:Expecting: TRUSTED CERTIFICATE
View 2 Replies
View Related
Sep 2, 2009
Is it possible to run multiple SSL enabled sites (each having it's own SSL certificate) off of one IP address, or do I need a separate IP for each one? Any links to conclusive web pages.
View 3 Replies
View Related
Apr 11, 2010
While revoking OpenVpn client certs from Server I am getting following output:
./revoke-full client-xxxxxxx
Using configuration from /etc/openvpn/openvpn-2.0.9/easy-rsa/openssl.cnf
ERROR:Already revoked, serial number 2D
[code]....
View 2 Replies
View Related
Sep 10, 2010
I am configuring my Apache Server to enable checking CA Revocation List, and my Configuration lists as following :
Code:
SSLCARevocationFile /etc/httpd/confi.d/ssl.crt/CRL1.crl
But the server can not start, and the log says:
Code:
Unable to configure X.509 Storage for certificate
If I try this command to view content of my CRL file :
Code:
openssl crl -text -in CRL1.crl -noout
the console shows :
Code:
error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib:647:Expecting: X509 CRL
I think there is something wrong with my CRL file, such as the file format.Is there any requirement to the CRL file? What can I do to enable this CRL file checking?
View 2 Replies
View Related
Jun 4, 2009
i'm trying to create a server certificate to used in PEAP authentication .I have installed freeradius on fedora10, openssl-perl , also upgrade all the packages yum upgrade
Now after changing the configuration of openssl.cnf file placed in /etc/pki/tls/openssl.cnf
I am looking for certs.sh file thats comes with freeradius package. and also CA.all & CA.certs file but i couldn't find these files in filesystem .
Is these files are present by default when freeradius and openssl-perl packages were installed or should i have to install or copy these scripts file as these files are necessary to create a certificate for server side.
View 1 Replies
View Related
