"Untrusted" ssl cert

Learn about Computer Security Digital Certificates and Digital Signing
1

Not sure what happend here… latest android, samsung browser. S3 != note

Root cert needs updating?

See atached:

[attachment deleted by admin]

2

Hi

Could you provide the full URL where this issue can be seen?

Garry

3

Intally I folowed a fb link but it looks like the whole domain, http://www.upworthy.com
I dont think its a mitm because of the error and I dont appear to have any issues with other https:// sites
I do have root ssl certs from comodo but not the postgradssl cert and so my phome wont recognize the ca as a trusted authority
Perhaps something a little funky is going on with my phone? Should I have that root ca cert by default? Is it a cross signing issue or a new ca?

Put up more screenshots to help :wink:

On a side note forum bug report: (minor irritant)
When one lands on the “your atchment folder is full plz go back and remove one” you press back
and do so, but because you “clear attachment” but cant remove extra empty attachment box and then try to post nothing happens and the post wont go though forcing one to go completly out of the reply amd start all over again, probbably only javascript verification. Using same phone and browser.

I was planning to upload screenshots of ssl error showing untrusted authority, and the relavant list of installed root certs showing comodo ones and the single ca starting with p (not urs) but the upload folder restrictions is essesivley tight here, seriously 10tb drives are commerialy available and those will be scaled up quckly to 64tb) happy to provide the info, need more room…

4

Hi

If I go to https://www.upworthy.com and click on the padlock, the certificate that is presented is issued by Digicert and not Comodo.
And is trusted on my Nexus 7 tablet.

So, I’m not sure which part of the domain is giving you the issue and presenting a certificate issued by Comodo.

Maybe if you provide a more specific URL we/I could then see what you are seeing.

Garry

5

Like ifurn0, I also receive an “untrusted certificate” message for a website on a Samsung Android device - though it’s a tablet - and I also get it also on an iPad, whereas I can access the website normally on a MacBook.

Devices producing the message:

Samsung Galaxy 10.1, model GT-PT7500 with Android 4.0.4, both using Chrome and Firefox beta
iPad version 7.1.2 (11D257) model MD786GP/A), using Safari

Website: https://translate-coursera.org/

Unfortunately, this indication is not going to be very useful for repeating the issue, because this is a doubly padlocked sub-site of coursera.org, i.e. you first have to be a registered participant of the Coursera platform, then you have to click on links that first take you to pages like Coursera (also /4 and /7) where your data get pumped, then you are redirected to a https://translate-coursera.org/ subpage, respectively:

The creator/manager of these pages wrote that he cannot replicate the “untrusted certificate” issue on his devices, and added that:

“the security certificate that we use is issued by COMODO. (…) All the traffic is sent through 128bit SSL connections, so all data is absolutely safe no matter what the browser says. The problem that you see is, that for some reason I cannot explain so far, COMODO doesn’t reply with a positive answer to your browser request (and this simple is a confirmation that we bought a certificate with them, which we did).”

I could bypass/ignore the security warnings on the two mentioned devices, but I would rather understand why it gets triggered there, and not on my MacBook. So I’d be very grateful for an explanation, please.

Best,

Claude