ssl_error_bad_cert_domain error when clicking Dropbox public links or Puush links
As the title says, sometimes I get a "connection not secure" error when trying to load Dropbox public links or Puush links, and trying to recover the certificate doesn't work. For some reason, the problem fixes itself when I reboot the router, only to appear again eventually, even if it doesn't happen very often. What could be the meaning of this?
All Replies (13)
I'll add further info from the error message (sorry about the Italian):
Impossibile stabilire una connessione sicura con il peer: il nome di dominio richiesto non corrisponde al certificato del server.
HTTP Strict Transport Security: false HTTP Public Key Pinning: false
Catena di certificati:
BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIDBv3gMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEy NTYgQ0EgLSBHMzAeFw0xNTA5MTYwMDMzMDJaFw0xNzA5MTgwNDAzNDVaMIGbMRMw EQYDVQQLEwpHVDU4MDczMzAyMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNv bS9yZXNvdXJjZXMvY3BzIChjKTE1MS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBW YWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEgMB4GA1UEAxMXc2VhcmNoLmRuc2FkdmFu dGFnZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwktbK5LPl uxgTMNXpsrnP/FeT474yEim1KqdD/jsQFYIAZKVSbxU2oMqRqWqTSWVGbrOfNGcO Wm8wt8ZsW74RBDPnmta7TSCmXqMKWYSUOrBSCz9+WKZhubLjLKmfm89sxeoH793b OABGhdc/DK+fbZC2wnINx7oSV3WrVrq6QlcenOlqlLOiO/ec5CKWy7SEk0ahm0Xj xwrj2iY/Z3hhcMe7M0g0i7Vy+y6tEak+sMmfCZaq0VYlmQbbCaMjltgXLkJvNYPI rt/K8ttC5EZuTeVWTeWnY02LIUZT4qsvZQmgwnCQzlumY3gXabH5qgEUGy6NuB2/ lDD9wm+OAO8FH72DwNggfiJWtPnqd8R4oqNrXhoHzl7RPpr6s4siQv7ql4PbCSbY N/iraMPqJksl+Zi6gjnk1u2MGa6c93lhiea8tTeZgDZV3vpw+IuQC5YW+/ZYlz8V Np1kkUIl4kp/HptDUTsrA83xNXQ6WuYEzJ/fSHwTg33i559tMIVVwJx5OBRkXC9k +kvUiWzyEuhUXO6l9tECebrV5YT2wPMc1RZvcxbyWlxqal7KKIzsxKtKYF0FqZ/c IF2amCHTbS3k+8Rdwl0SOGfFeSdSO4N7MoyGlBAg5GSjC9F96pxkLNZR1BYJauZD pm/OsouqSYOez1BlMwF//dzyDI/gu3+JXwIDAQABo4IBTzCCAUswHwYDVR0jBBgw FoAUw5zz/NNGCDS7zkZ/oHxb8+IIy1kwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUF BzABhhNodHRwOi8vZ3Yuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ3Yu c3ltY2IuY29tL2d2LmNydDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMCIGA1UdEQQbMBmCF3NlYXJjaC5kbnNhZHZhbnRhZ2Uu Y29tMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9ndi5zeW1jYi5jb20vZ3YuY3Js MAwGA1UdEwEB/wQCMAAwQQYDVR0gBDowODA2BgZngQwBAgEwLDAqBggrBgEFBQcC ARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMA0GCSqGSIb3DQEBCwUA A4IBAQCsluwg3oAwyL6opH9Hjopmc1Ufb12ByI+DG+TglevvvDn/UNa5oxjTo87V EWqCKrYvzB9AUT62KVtlu8B+J01eo4vLunhZLGxxQW25VMrwmWPF03rAwDNPsP0L /S5+VmxeCvvXUu/2Hy/K36/xjsezALgKZgigPeyb2gTciXl7PlybDIpM2vDtklBr nW4JB8j9jb+L8S6sK9JHPv6V++wFvWCR/b82wdaBakgqXmu4Pw/NzolckM9Zkd2f vD2XalV31iAWQ3hLtBHv/b9zI4C/Y1N3zvp6E1FGCBG2DTWqbS+7iyrlipQ7Ly6U bER4APY1wPEt+CQcRF/AMyCN/bmS
END CERTIFICATE-----
BEGIN CERTIFICATE-----
MIID1TCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0 l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e 6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8 N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5 HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B AQUFAAOCAQEAq7y8Cl0YlOPBscOoTFXWvrSY8e48HM3P8yQkXJYDJ1j8Nq6iL4/x /torAsMzvcjdSCIrYA+lAxD9d/jQ7ZZnT/3qRyBwVNypDFV+4ZYlitm12ldKvo2O SUNjpWxOJ4cl61tt/qJ/OCjgNqutOaWlYsS3XFgsql0BYKZiZ6PAx2Ij9OdsRu61 04BqIhPSLT90T+qvjF+0OJzbrs6vhB6m9jRRWXnT43XcvNfzc9+S7NIgWW+c+5X4 knYYCnwPLKbK3opie9jzzl9ovY8+wXS7FXI6FoOpC+ZNmZzYV+yoAVHHb1c0XqtK LEL2TxyJeN4mTvVvk0wVaydWTQBUbHq3tw==
END CERTIFICATE-----
Clovers modificouno o
thanks, this may be adware related:
- please go to the firefox menu ≡ > addons > extensions & remove any suspicious entries (toolbars, things that you have not installed intentionally, don't know what purpose they serve, etc).
- also go to the windows control panel / programs and remove all toolbars or potentially unwanted software from there.
- finally, run a full scan of your system with different security tools like the free version of malwarebytes & adwcleaner, which are specialised in adware and browser hijackers.
Remove a toolbar that has taken over your Firefox search or home page Troubleshoot Firefox issues caused by malware
There are no PUPs/toolbars and I ran a scan earlier with both. My system is clean.
that failing cert would come from search.dnsadvantage.com and googling for that gets some hits claiming that this would be adware related. you could also try switching your system's dns servers to the ones that google is providing: https://developers.google.com/speed/public-dns/docs/using
The thing is, I've been having general net issues for a while, and this could be related. I'm going to try using my ISP's trace route feature next.
EDIT: Oh, it's actually just submitting NSLookup and TraceRT logs to the ISP's tech support. Should I share them here too?
Clovers modificouno o
Hmm, the problem fixed itself when I deleted the Dropbox cookies and reloaded. Puush links on the other hand I'm just unable to load, instead of getting the error.
EDIT: Nevermind, it didn't solve anything. Now I get the error again on both. Sorry about all these contrasting updates. I thought it was all because of said net issues, but even my ISP's tech support was puzzled.
Clovers modificouno o
What shows up if you try a nonexistent site that isn't using HTTPS? For example:
http://www.thereisnosuchsiteat.bike/
Sometimes ISP's or hijackers on your system will divert a standard "Server not found" page to some search results to monetize your DNS queries. You may be connecting to one of those.
In that case, Comodo intercepted it.
"Sorry, "www.thereisnosuchsiteat.bike" does not exist or could not be found"
Comodo security software running on your system, or a Comodo website?
Did it redirect to a different page, or did it inject the content into the error page (under the nonexistent site address)?
The security software. It redirected to http://securedns.comodo.com.
EDIT: Now it fixed itself after I just waited for a while, with no need to reboot the router. This doesn't make any sense...
Clovers modificouno o
Hmm, I wonder if they are connected. According to older documentation, Comodo Secure DNS changes your Windows DNS settings to point to their servers. Could you try reverting that to the Windows defaults (which will use DNS provided by your router) and see whether it makes any difference?
Their support article shows where those DNS server addresses are entered, and you could try using the "automatic" bubble blocked by the blue arrow and see whether that helps with the Dropbox and other problem.
On Reddit I saw a reference to a big denial of service attack affecting DynDNS. Perhaps that is making service to those particular websites spotty:
https://www.google.com/search?tbm=nws&q=DynDNS+denial+of+service
Yeah, I even checked the Comodo forums for similar issues and the general consensus seems to be that it's a DNS problem. I never once altered my DNS settings, so...
(For the sake of updating, the issue was gone for all of yesterday, and since this morning it's been coming and going in short bursts. I generally realized messing with the router didn't really affect it at all.)
Clovers modificouno o