Websites that should aren't "securing"?

[Threepwood]

For example gmail.com usually shows the yellow mark with lock in the address bar at the right in Opera, but now its the grey ? and is says that the secure connection failed.

Same with secure.telkomsa.net and engen.adsl.co.za, in Firefox I see the padlock icon at the bottom, but when I tried logging in to gmail FF gave me an error screen saying something about the secure connection not working as well.

Same problem if I try my axxess prepaid account (I have int bandwidth on both that and my TI account so it's not just failing to get the certificate from overseas server.)

Are other people having similar issues? How do I try resolve this? BTW sites aren't securing on my other PC in the house, so it's probably not specific to my machine.

 

[reech]

Sounds very dodgy indeed. You sure you'ren not being proxied?

 

[bwana]

Just to be on the safe side - when you next long in to gmail (via https) https://mail.google.com/mail/ go into settings and under general make sure "Always use https" is selected.

 

[Threepwood]

1st how do I know if I'm being proxied? What exactly does that mean, is it done by the ISP (as I explained using two different accounts I have this one Axxess one TI, they are both SAIX), and how do I make it better.

Also I have set that in gmail long time ago, and like I said it's happening with other sites also.

Intermittently I am getting the secure connection it seems, earlier I noticed suddenly that a gmail page had the secured mark, and just now I noticed it on another secured page I was browsing, went to a different page within the same site (also should be secured) but it wasn't. So very few times it is working.

 

[Threepwood]

Here's an example, trying to go to [noturl]https://www.binsearch.info[/noturl], I get these errors:

To be honest I don't know much about ssl etc. I have no idea if this is really bad or not, I just don't really want to access my gmail without it, and there's banking issues and so forth as well...

Most opften with Opera I'm seeing the error "The server attmpted to apply security measures but failed."

 

[Threepwood]

Can anyone please give me some input on this?

I've tried changing to default Telkom DNS servers as I was using OpenDNS, that doesn't help, a while ago I added a whole bunch of firewall rules, thought maybe something I overlooked could be causing this so I deleted all those rules, still not helping.

This makes me think I may just be being paranoid; http://labs.opera.com/news/2006/05/16/

4. The grey Security Toolbar

If there was any problem with the SSL/TLS connection that reduced the security level of the connection below level 3, the color of the security toolbar will not be yellow, but grey. The problems that can give these results are low encryption level, unknown certificate authorities, mismatch with the servername in the certificate, all of which results in a warning dialog, or a failed online check of the server's certificate.

This change is intended to give you a clearer indication than just the level 1 and level 2 padlocks that not everything is OK with the site or the surrounding systems.

In my testing I've found that Firefox displays the Green bar in the address bar on the secured hotmail.com login, opera doesn't. Gmail and online.fnb.co.za say that the connection is encrypted when I click on the icon in the address bar, but there is no yellow or green stripe like I usually see (in firefox).

Trying https://binsearch.info in firefox gives me the following;

Secure Connection Failed

www.binsearch.info uses an invalid security certificate.

The certificate is only valid for *.opendns.com.

(Error code: ssl_error_bad_cert_domain)

When trying to log into gmail with firefox;

Secure Connection Failed

An error occurred during a connection to mail.google.com:80.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

with Opera it's the greyed ? I'm mostly worried about whether or not the gmail connection is encrypted and fnb, so any ideas?

 

[DBoy_25]

Opera does not reconize the certificate that is been used on that specific website. Have you tried other browsers to view the website?

 

[DBoy_25]

It seems that the website has bought a SSL certificate that is not reconized in the Opera Browser. It will work in other browsers but not in Opera.

This is mainly because they have purchased a certificate from an SSL company that Opera does not support or trust.

 

[Threepwood]

I said I have tried Firefox as well, did you see what I said about when trying to log in to gmail using firefox?

Thing is, it's just about every https site that I'm trying to access that does this, and it seems problematic on both Opera and Firefox, I can't think of that many https sites to try but everything I usually use is affected.

 

[reech]

Sorry - haven't checked back here for a bit.
I seriously doubt google have an expired SSL cert..I'm using google at the moment

A green address bar only means that sites implement EV_SSL - lack of a green bar does not mean they're insecure.

I still suspect a badly configured proxy or something else mangling your connection.
Some ISP's use tranparent proxies http://en.wikipedia.org/wiki/Proxy_server#Transparent_and_non-transparent_proxy_server

Unfortunately I can't see your pics.

 

[Threepwood]

I realise the green bar isn't that important, usually I only see the yellow one.

I've always seen the yellow one using Opera when going to google and binsearch.info, and most other secure sites. Now I'm not getting jack, plus those errors I'm seeing in Firefox make it seem like it's not my side, I doubt they have expired certificates like you said, unless there's some settings in Opera or Firefox that can effect this it must be something wrong with my connection, though I don't know what.

I've been having a lot of line problems http://mybroadband.co.za/vb/showthread.php?t=137452, but I don't really see how that can be affecting this.

BTW I fixed the pictures, they are just screenshots of the certificate window in Opera, I don't know if there's anything helpfull there.

As far as I am aware all ISPs in SA use transparent proxies (I don't really know much about that though), AFAIK SAIX does and I'm using SAIX.

So should I try querying Telkom about this? I use TI and Axxess accounts, both SAIX, I mentioned in that thread on my line problems that they did something to the port, I don't know if that could have affected this? I can't properly remember if I was having this problem before that or not though.

 

[aquadog]

This very much seems like an opendns issue, as pretty much every error you have posted says "The certificate is only valid for *.opendns.com."

You say switched back to telkom's DNS servers but did you reboot after that? Windows runs a dns client that caches DNS entries and they will remain around for some time after switching your DNS servers. Also if your router is doing the connecting, give that a reboot too and make sure the DNS servers are set to telkom's.

Opendns is great but in my experience it isn't worth using, especially when working in tech and having to troubleshoot DNS issues.

 

[ld13]

Trying https://binsearch.info in firefox gives me the following;

Yes I get the same error with https://binsearch.info ... but that is the wrong URL you see.
Rather try https://www.binsearch.info

When trying to log into gmail with firefox;

Same error for me using https://mail.google.com:80/ ... once again, wrong URL.
Rather try https://mail.google.com/mail/

 

[Threepwood]

No typing it like https://www.binsearch.info, doesn't help, plus I always used to omit the www.

For gmail Firefox was just converting the url to that, I always just type gmail.com and it always used to work too. Putting it in full doesn't help though anyway In Opera.

When I tried setting back to Telkom's DNS I just refreshed the page and saw the new ones there, didn't actually reset so I'll try that, I was using OpenDNS without problems before this though.

 

[Threepwood]

I tried changing the DNS and ressetting but it makes no difference.

I had an idea though;

I was using I'm pretty sure Opera 9.5, when I re-installed my system I kept all my opera relative stuff, I was trying to move my whole history and settings over basically. Can't remember if I tried using all my stuff from 9.5 in 9.61 (which I did install, but now have upgraded to 9.62), or upgraded afterwards, but is it possible that something to do with that is causing this?