Your connection is not private / NET :: ERR_CERT_COMMON_NAME_INVALID; what can it be?


Recommended Posts

A question for you guys :cool:

 

My parents get the following message on their notebooks (two, each with Windows 10, 2004 update installed and ESET Internet Security 13.2.16.0) when they are trying to log on via their browser (I checked it both on Google Chrome and Edge):

  Quote

Your connection is not private

Cyber criminals may try to steal your details from www.rabobank.nl (for example passwords, messages or credit card details).

More information NET :: ERR_CERT_COMMON_NAME_INVALID

 

Help improve Chrome security by sending URLs of some pages you visit, limited system data, and certain page content to Google. Privacy Policy The server cannot prove that this is www.rabobank.nl. The server's security certificate comes from divafe.pass.bundesliga.com. This could be caused by a misconfiguration or an attacker intercepting your connection.

 

Continue to www.rabobank.nl (unsafe)

Expand  

I know that on Edge no extensions are used. For Chrome I'm not 100% sure.

The strange thing is... when I create a hotspot via my phone (different ISP) I get the same message.

ESET has been totally uninstalled, still with this same message.

When accessing www.rabobank.nl from an iPad (iPad OS 13.6 installed) on both Chrome and Safari the same message is shown.

 

When I go to www.rabobank.nl on my notebook, I can access the site. Not warnings and no messages. I also do run Win 10, 2004 update and ESET Internet Security 13.2.16.0). I have the same ISP for broadband as my parents.

 

What can this situation be? Is it ISP-related (in that case I should have the same issues as well I guess)?!

Might it be router-related (that's the only difference in setup between my parents and myself)?

I also think it's strange that the security certificate is somehow coming from - or the assumption is given: divafe.pass.bundesliga.com

 

When I click to continue a warning "Access denied" is shown and the whole page is not accessible.

It's a problem with the site. Looks like that sites security certificate is no good. 

  On 10/08/2020 at 11:59, xrobwx71 said:

It's a problem with the site. Looks like that sites security certificate is no good. 

Expand  

I've been to the site, checked the cert, seems fine to me.  What are you basing this diagnosis on?

  • Like 1

It is to do with security certificates, in earlier versions of Chrome/Chromium/Edge a single certificate was allowed to cover all subdomains, in the latest versions it's far more picky to avoid cross site trust issues.

Lots of sites still don't have the new style certificates and if you trust the site it's probably ok to click through the error message using the advanced link on the error page (i.e. it's no less safe than it was before the change).

  On 10/08/2020 at 12:19, Ixion said:

It is to do with security certificates, in earlier versions of Chrome/Chromium/Edge a single certificate was allowed to cover all subdomains, in the latest versions it's far more picky to avoid cross site trust issues.

Lots of sites still don't have the new style certificates and if you trust the site it's probably ok to click through the error message using the advanced link on the error page (i.e. it's no less safe than it was before the change).

Expand  

The key is for rabobank.nl - the user is going to rabobank.nl

No subdomains in play here...

 

Are you certain?

So is there a way to delete (from my parents computer) certificates relating to rabobank.nl (or maybe even all certificates) and then go to this site again and de new ones 'will be newly loaded in' or something?! (or am I saying something stupid here).

Like I said... on my computers is there no error whatsoever... and also I and running the latest versions of Chrome, Edge (and Brave).

 

But than again... why is this present on Windows PC as well as iPad (different OS'es, different browsers)?!

Same (WiFi-)network they're connecting, although on their Windows PC with my iPhone as hotspot on a different carrier the same error occurs (so I guess not network/ISP related than).

  On 10/08/2020 at 12:25, Code Name: Lockdown said:

The key is for rabobank.nl - the user is going to rabobank.nl

No subdomains in play here...

 

Are you certain?

Expand  

While his diagnosis is wrong, the sub domain is www.*
 

Which is still valid for this cert. 

  On 10/08/2020 at 12:48, kiddingguy said:

So is there a way to delete (from my parents computer) certificates relating to rabobank.nl (or maybe even all certificates) and then go to this site again and de new ones 'will be newly loaded in' or something?! (or am I saying something stupid here).

Like I said... on my computers is there no error whatsoever... and also I and running the latest versions of Chrome, Edge (and Brave).

 

But than again... why is this present on Windows PC as well as iPad (different OS'es, different browsers)?!

Same (WiFi-)network they're connecting, although on their Windows PC with my iPhone as hotspot on a different carrier the same error occurs (so I guess not network/ISP related than).

Expand  

Your best bet is to actually go to the site despite the warnings and examine the cert info. Don’t enter any info. 

  On 10/08/2020 at 13:13, adrynalyne said:

Your best bet is to actually go to the site despite the warnings and examine the cert info. Don’t enter any info. 

Expand  

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

  On 10/08/2020 at 13:38, kiddingguy said:

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

Expand  

And what did the url end up being?

  On 10/08/2020 at 13:38, kiddingguy said:

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

Expand  

screenshot?

 

almost sounds like it's being blocked by your ISP then or something.

  On 10/08/2020 at 14:44, Brandon H said:

screenshot?

 

almost sounds like it's being blocked by your ISP then or something.

Expand  

Not specifically the ISP, because when I use my cell carrier (KPN), a different one than their ISP (Ziggo), I still get the same message on their notebooks.

So I think not ISP related (though cannot confirm 100%).

 

I haven't yet tried my notebook on their WiFi-network. Or my mum's and dad's notebook on my WiFi. Might be something to try....

 

EDIT:

I'll try to obtain the screenshots.... :)

  On 10/08/2020 at 15:16, kiddingguy said:

Not specifically the ISP, because when I use my cell carrier (KPN), a different one than their ISP (Ziggo), I still get the same message on their notebooks.

So I think not ISP related (though cannot confirm 100%).

 

I haven't yet tried my notebook on their WiFi-network. Or my mum's and dad's notebook on my WiFi. Might be something to try....

 

EDIT:

I'll try to obtain the screenshots.... :)

Expand  

oh, that's even more telling if you get the same issue on a cellphone that's not even on the same network.

 

their web dev must have broke or forgot to renew something. if that's the case there's not much you'll be able to do unless you know of a support email for them you can contact.

  On 10/08/2020 at 15:24, Brandon H said:

oh, that's even more telling if you get the same issue on a cellphone that's not even on the same network.

 

their web dev must have broke or forgot to renew something. if that's the case there's not much you'll be able to do unless you know of a support email for them you can contact.

Expand  

Well the thing is... on my notebooks at home (on my home wifi-network; different than my parents') this www.rabobank.nl site is working as it should be.

Also with Windows 10, May 2020 update & the same version of ESET Internet Security installed (as well as with Chrome and Edge).

 

So for some reason it looks like it's all machine related at my parents (both 2 notebooks of theirs & and iPad)... :wacko:

  On 10/08/2020 at 15:40, kiddingguy said:

Well the thing is... on my notebooks at home (on my home wifi-network; different than my parents') this www.rabobank.nl site is working as it should be.

Also with Windows 10, May 2020 update & the same version of ESET Internet Security installed (as well as with Chrome and Edge).

 

So for some reason it looks like it's all machine related at my parents (both 2 notebooks of theirs & and iPad)... :wacko:

Expand  

Have you tried incognito with ad blockers turned off?

Not showing any issues with going to that site.. 

 

https://www.rabobank.nl

 

Cert checks out fine.. Both FF (79) and Edge

edge.thumb.png.e7ec69d1155d4611af35e892ae09f80a.png

It's possible that ESET's SSL filtering is causing the issue. Try disabling it by going to Settings--Advanced Setup--Web And Email--SSL/TLS and unchecking all options there. And finally restart WIndows.

 

https://i.imgur.com/JRVF3zP.png

Hello,

From the error message, it sounds like there was a URL on the bank's web page, divafe.pass.bundesliga.com, which was trying to serve up content for radobank.nl.  I cannot reproduce the error now, so I am guessing whatever occurred has since been fixed by the bank's IT department.  From looking at https://www.eset.com/nl/over/contact/, ESET's technical support can be contacted at +31 (0)184 647 730, so if the problem is still happening, I would suggest calling them for further assistance.

Regards,

Aryeh Goretsky

 

Turns out it was ISP related.

For some reason the modem hadn't been rebooted for 26x days and kinda 'hung' on something.

A reset fixed the issue and everything is working again as it should be. And rabobank.nl can be reached and visited again.

 

Thx for the help and replies!

  • Like 2
  On 12/08/2020 at 16:03, kiddingguy said:

Turns out it was ISP related.

For some reason the modem hadn't been rebooted for 26x days and kinda 'hung' on something.

A reset fixed the issue and everything is working again as it should be. And rabobank.nl can be reached and visited again.

 

Thx for the help and replies!

Expand  

Reset fixes everything, bro. 😛

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Apple still has two unannounced features for iOS 26 by Hamid Ganji Apple held its WWDC25 event this month to unveil a slew of AI features and its new design for operating systems, known as Liquid Glass. While iOS 26 currently has no shortage of features, the iPhone maker might still have some features under wraps that didn’t make a debut at this month’s WWDC. Bloomberg’s Mark Gurman writes in his weekly Power On newsletter that Apple didn’t announce two iOS 26 features at the WWDC event. The first feature is a live translation of conversations via AirPods, and the latter is the ability to sync your wireless network login information across devices at a hotel or gym. Even though these features were already tipped to arrive in iOS 26, Apple held them from the event, presumably because they’re still not ready to ship. Apple appears to have learned from its experience with Apple Intelligence and aims to break the habit of unveiling new features before they are ready for release. The Live Translation on iOS 26 is currently integrated with popular apps like Messages, FaceTime, and Phone to help users break language barriers and communicate in different languages. The feature is now under development for AirPods, allowing users to hear real-time speech translations. Moreover, the WiFi syncing feature allows you to sync your sign-in information across your entire Apple ecosystem, enabling you to connect to a public WiFi network with ease. This would eliminate the need to sign into a WiFi network separately on each device. While these features haven’t arrived in iOS 26 yet, they’re more likely to be released later this year, in October or December.
    • Intel Level L4 cache has been around for a long time, so AMD Zen 3D Cache is a copy of Intel L4 cache that was introduced with Broadwell i7-5775c, which had 128mb of Level L4 cache. Secondly, Zen 6 is not faster in single-threaded performance than 13900k/14900k. 285k is something new Intel is trying, basically showing us that chiplet design does not work for gaming, just like AMD design does not work for gaming. Throwing more cores at it and having L4 cache won't fix the issue, and that is frame dip and stuttering caused by a very stupid design decision to keep the memory controller outside the compute tile. Might as well put a memory controller by bringing back a south bridge chip. lol
    • Just like AMD Zen, it is not going to work for gaming despite 3D Cache. Frame dip and stuttering are giving, which renders 14900KS the greatest gaming CPU ever released.
    • LG continues to manufacture and sell Windows laptops
  • Recent Achievements

    • Community Regular
      Primey_ went up a rank
      Community Regular
    • Reacting Well
      Gromvar earned a badge
      Reacting Well
    • Dedicated
      BreakingBenjamin earned a badge
      Dedicated
    • Week One Done
      Hartej earned a badge
      Week One Done
    • One Year In
      TsunadeMama earned a badge
      One Year In
  • Popular Contributors

    1. 1
      +primortal
      519
    2. 2
      +FloatingFatMan
      181
    3. 3
      ATLien_0
      166
    4. 4
      Skyfrog
      100
    5. 5
      Som
      97
  • Tell a friend

    Love Neowin? Tell a friend!