Secure Connection Failed
Started getting this error today on the current version of Nightly 85 when I go to my bank (URL below). Safe-mode using Nightly produces the same error. The release version of Fx works fine as do other browsers. Seems like something has changed in the current Nightly. Any ideas?
https://rolb.santanderbank.com/OnlineBanking/accounts/account-overview
Ọ̀nà àbáyọ tí a yàn
I tried a new profile and the site worked fine. So I went back to Nightly from yesterday and that also gave me the error. I then used a profile from yesterday and that did the trick, no more security error. Go figure.
I always seem to forget to try a new profile. Safe-mode in many cases is not good enough to debug a problem.
Ka ìdáhùn ni ìṣètò kíkà 👍 0All Replies (8)
Hmm, I get redirected to https://rolb.santanderbank.com/OnlineBanking/login (screenshot of Page Info => Security attached).
Does the error page you get list any additional details?
Are you getting the error message or is it working for you? Here's the full text of my error:
Secure Connection Failed
An error occurred during a connection to rolb.santanderbank.com. Peer’s Certificate has been revoked.
Error code: SEC_ERROR_REVOKED_CERTIFICATE
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
Here's my screenshot.
Hmm, I didn't get an error. Why would you get "SEC_ERROR_REVOKED_CERTIFICATE" when I don't??
Could you check to see whether Firefox might be using a saved certificate:
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
- Any system: type or paste about:preferences into the address bar and press Enter/Return to load it
In the search box at the top of the page, type cert and Firefox should filter to the Certificates section. Click the "View Certificates" button, and click the Servers heading. If there is an entry for this site, you can select it and click the Delete button.
Was there anything there?
The certificate is no longer trusted because it has been revoked today as you can see in the error message.
- https://www.ssllabs.com/ssltest/analyze.html?d=rolb.santanderbank.com
- https://certificate.revocationcheck.com/rolb.santanderbank.com
You will have to wait until the website has renewed this certificate.
Ọ̀nà àbáyọ Tí a Yàn
I tried a new profile and the site worked fine. So I went back to Nightly from yesterday and that also gave me the error. I then used a profile from yesterday and that did the trick, no more security error. Go figure.
I always seem to forget to try a new profile. Safe-mode in many cases is not good enough to debug a problem.
cor-el said
The certificate is no longer trusted because it has been revoked today as you can see in the error message. You will have to wait until the website has renewed this certificate.
I think I was fooled because my CRL in Nightly was out-of-date. I'm assuming because about:config shows Sept. 14th date stamps for security.remote_settings.crlite_filters.checked and services.settings.security.onecrl.checked (probably because I only use Nightly for 5-10 minutes at a time for testing).
After forcing an update of those by zeroing the time stamps, restarting, and waiting a bit, I tested again. The site launches and now has a new certificate issued today.
Looks that the certificate was renewed ten minutes before I posted my above reply.