Your connection is not private / NET :: ERR_CERT_COMMON_NAME_INVALID; what can it be?


Recommended Posts

A question for you guys :cool:

 

My parents get the following message on their notebooks (two, each with Windows 10, 2004 update installed and ESET Internet Security 13.2.16.0) when they are trying to log on via their browser (I checked it both on Google Chrome and Edge):

  Quote

Your connection is not private

Cyber criminals may try to steal your details from www.rabobank.nl (for example passwords, messages or credit card details).

More information NET :: ERR_CERT_COMMON_NAME_INVALID

 

Help improve Chrome security by sending URLs of some pages you visit, limited system data, and certain page content to Google. Privacy Policy The server cannot prove that this is www.rabobank.nl. The server's security certificate comes from divafe.pass.bundesliga.com. This could be caused by a misconfiguration or an attacker intercepting your connection.

 

Continue to www.rabobank.nl (unsafe)

Expand  

I know that on Edge no extensions are used. For Chrome I'm not 100% sure.

The strange thing is... when I create a hotspot via my phone (different ISP) I get the same message.

ESET has been totally uninstalled, still with this same message.

When accessing www.rabobank.nl from an iPad (iPad OS 13.6 installed) on both Chrome and Safari the same message is shown.

 

When I go to www.rabobank.nl on my notebook, I can access the site. Not warnings and no messages. I also do run Win 10, 2004 update and ESET Internet Security 13.2.16.0). I have the same ISP for broadband as my parents.

 

What can this situation be? Is it ISP-related (in that case I should have the same issues as well I guess)?!

Might it be router-related (that's the only difference in setup between my parents and myself)?

I also think it's strange that the security certificate is somehow coming from - or the assumption is given: divafe.pass.bundesliga.com

 

When I click to continue a warning "Access denied" is shown and the whole page is not accessible.

It's a problem with the site. Looks like that sites security certificate is no good. 

  On 10/08/2020 at 11:59, xrobwx71 said:

It's a problem with the site. Looks like that sites security certificate is no good. 

Expand  

I've been to the site, checked the cert, seems fine to me.  What are you basing this diagnosis on?

  • Like 1

It is to do with security certificates, in earlier versions of Chrome/Chromium/Edge a single certificate was allowed to cover all subdomains, in the latest versions it's far more picky to avoid cross site trust issues.

Lots of sites still don't have the new style certificates and if you trust the site it's probably ok to click through the error message using the advanced link on the error page (i.e. it's no less safe than it was before the change).

  On 10/08/2020 at 12:19, Ixion said:

It is to do with security certificates, in earlier versions of Chrome/Chromium/Edge a single certificate was allowed to cover all subdomains, in the latest versions it's far more picky to avoid cross site trust issues.

Lots of sites still don't have the new style certificates and if you trust the site it's probably ok to click through the error message using the advanced link on the error page (i.e. it's no less safe than it was before the change).

Expand  

The key is for rabobank.nl - the user is going to rabobank.nl

No subdomains in play here...

 

Are you certain?

So is there a way to delete (from my parents computer) certificates relating to rabobank.nl (or maybe even all certificates) and then go to this site again and de new ones 'will be newly loaded in' or something?! (or am I saying something stupid here).

Like I said... on my computers is there no error whatsoever... and also I and running the latest versions of Chrome, Edge (and Brave).

 

But than again... why is this present on Windows PC as well as iPad (different OS'es, different browsers)?!

Same (WiFi-)network they're connecting, although on their Windows PC with my iPhone as hotspot on a different carrier the same error occurs (so I guess not network/ISP related than).

  On 10/08/2020 at 12:25, Code Name: Lockdown said:

The key is for rabobank.nl - the user is going to rabobank.nl

No subdomains in play here...

 

Are you certain?

Expand  

While his diagnosis is wrong, the sub domain is www.*
 

Which is still valid for this cert. 

  On 10/08/2020 at 12:48, kiddingguy said:

So is there a way to delete (from my parents computer) certificates relating to rabobank.nl (or maybe even all certificates) and then go to this site again and de new ones 'will be newly loaded in' or something?! (or am I saying something stupid here).

Like I said... on my computers is there no error whatsoever... and also I and running the latest versions of Chrome, Edge (and Brave).

 

But than again... why is this present on Windows PC as well as iPad (different OS'es, different browsers)?!

Same (WiFi-)network they're connecting, although on their Windows PC with my iPhone as hotspot on a different carrier the same error occurs (so I guess not network/ISP related than).

Expand  

Your best bet is to actually go to the site despite the warnings and examine the cert info. Don’t enter any info. 

  On 10/08/2020 at 13:13, adrynalyne said:

Your best bet is to actually go to the site despite the warnings and examine the cert info. Don’t enter any info. 

Expand  

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

  On 10/08/2020 at 13:38, kiddingguy said:

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

Expand  

And what did the url end up being?

  On 10/08/2020 at 13:38, kiddingguy said:

That's not possible... going to the website (via Ignore) gives a new page with 'Access denied' and an error code. Nothing can be done there.... just a plain, simple html-website thingy.

Expand  

screenshot?

 

almost sounds like it's being blocked by your ISP then or something.

  On 10/08/2020 at 14:44, Brandon H said:

screenshot?

 

almost sounds like it's being blocked by your ISP then or something.

Expand  

Not specifically the ISP, because when I use my cell carrier (KPN), a different one than their ISP (Ziggo), I still get the same message on their notebooks.

So I think not ISP related (though cannot confirm 100%).

 

I haven't yet tried my notebook on their WiFi-network. Or my mum's and dad's notebook on my WiFi. Might be something to try....

 

EDIT:

I'll try to obtain the screenshots.... :)

  On 10/08/2020 at 15:16, kiddingguy said:

Not specifically the ISP, because when I use my cell carrier (KPN), a different one than their ISP (Ziggo), I still get the same message on their notebooks.

So I think not ISP related (though cannot confirm 100%).

 

I haven't yet tried my notebook on their WiFi-network. Or my mum's and dad's notebook on my WiFi. Might be something to try....

 

EDIT:

I'll try to obtain the screenshots.... :)

Expand  

oh, that's even more telling if you get the same issue on a cellphone that's not even on the same network.

 

their web dev must have broke or forgot to renew something. if that's the case there's not much you'll be able to do unless you know of a support email for them you can contact.

  On 10/08/2020 at 15:24, Brandon H said:

oh, that's even more telling if you get the same issue on a cellphone that's not even on the same network.

 

their web dev must have broke or forgot to renew something. if that's the case there's not much you'll be able to do unless you know of a support email for them you can contact.

Expand  

Well the thing is... on my notebooks at home (on my home wifi-network; different than my parents') this www.rabobank.nl site is working as it should be.

Also with Windows 10, May 2020 update & the same version of ESET Internet Security installed (as well as with Chrome and Edge).

 

So for some reason it looks like it's all machine related at my parents (both 2 notebooks of theirs & and iPad)... :wacko:

  On 10/08/2020 at 15:40, kiddingguy said:

Well the thing is... on my notebooks at home (on my home wifi-network; different than my parents') this www.rabobank.nl site is working as it should be.

Also with Windows 10, May 2020 update & the same version of ESET Internet Security installed (as well as with Chrome and Edge).

 

So for some reason it looks like it's all machine related at my parents (both 2 notebooks of theirs & and iPad)... :wacko:

Expand  

Have you tried incognito with ad blockers turned off?

Not showing any issues with going to that site.. 

 

https://www.rabobank.nl

 

Cert checks out fine.. Both FF (79) and Edge

edge.thumb.png.e7ec69d1155d4611af35e892ae09f80a.png

It's possible that ESET's SSL filtering is causing the issue. Try disabling it by going to Settings--Advanced Setup--Web And Email--SSL/TLS and unchecking all options there. And finally restart WIndows.

 

https://i.imgur.com/JRVF3zP.png

Hello,

From the error message, it sounds like there was a URL on the bank's web page, divafe.pass.bundesliga.com, which was trying to serve up content for radobank.nl.  I cannot reproduce the error now, so I am guessing whatever occurred has since been fixed by the bank's IT department.  From looking at https://www.eset.com/nl/over/contact/, ESET's technical support can be contacted at +31 (0)184 647 730, so if the problem is still happening, I would suggest calling them for further assistance.

Regards,

Aryeh Goretsky

 

Turns out it was ISP related.

For some reason the modem hadn't been rebooted for 26x days and kinda 'hung' on something.

A reset fixed the issue and everything is working again as it should be. And rabobank.nl can be reached and visited again.

 

Thx for the help and replies!

  • Like 2
  On 12/08/2020 at 16:03, kiddingguy said:

Turns out it was ISP related.

For some reason the modem hadn't been rebooted for 26x days and kinda 'hung' on something.

A reset fixed the issue and everything is working again as it should be. And rabobank.nl can be reached and visited again.

 

Thx for the help and replies!

Expand  

Reset fixes everything, bro. 😛

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Microsoft Edge gets new password feature and security fixes by Taras Buria Microsoft has released a new update for the Edge browser in the Stable Channel. Version 137.0.3296.83 introduces a new password feature and fixes security vulnerabilities to make your browsing experience safer. Starting with new features, Microsoft Edge 137 now supports Secure Password Deployment. Microsoft recently announced this for IT admins, allowing them to share encrypted passwords with user groups. This service lets users log into websites without seeing their passwords, thus enhancing the organization's security. You can read more about Microsoft Edge Secure Password Deployment in our recent article here. Security updates in Microsoft Edge 137.0.3296.83 include two fixes for Chromium vulnerabilities: CVE-2025-5958: Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-5959: Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) You can update Microsoft Edge to the latest version by heading to edge://settings/help. The browser can also update itself automatically in the background and apply updates between restarts. In case you missed it, Microsoft released Edge 137 by the end of May. The update deprecated quite a lot of existing features, including Wallet, Image Editor, Image Hover, Mini menu, and Video Super Resolution. It also introduced Web Content Filtering and enhancements for the picture-in-picture player and Find on Page in Microsoft Edge for Business. The next feature update for Microsoft Edge, version 138, is expected on the week of June 26, 2025, as part of the standard four-week release cadence.
    • Microsoft commits to upskill 1 million UK workers in AI this year by Paul Hill Microsoft has partnered with the UK government in the latter’s ambitious plan to train 7.5 million workers in AI skills over the next five years. Specifically, Microsoft has committed to upskilling 1 million of those workers by the end of this year. This represents a significant portion of the overall target and within a very short timeframe. The education drive by Microsoft builds on its previous “Get On” program, which has given 1.5 million people basic digital skills. The effort to train up 1 million British workers in AI is part of Microsoft’s broader £2.5 billion investment in UK AI infrastructure. Ensuring workers have the skills to leverage AI tools is important. Microsoft CEO UK Darren Hardman said recently that two-thirds of business people wouldn’t hire someone lacking AI skills, showing just how vital it is to get people’s skills up to date. Microsoft's approach to AI skills development Microsoft has several platforms to offer AI training, including Microsoft Learn, AI Skills Navigator, and through partnerships with non-profit organisations such as Catch22 in the UK. Its educational materials cover everything from the basics of generative AI to helping you prepare for advanced roles like being an AI engineer. With Catch22, Microsoft helps to train people who face various challenges to getting tech skills, including gender and ethnicity barriers, homelessness, mental health issues, school exclusion and disability. Microsoft is also trying to get more women into tech fields through programmes like TechHer, where it has trained thousands of women across UK government departments. Many of the courses that Microsoft offers come complete with certificates that you can show off on your CV when applying for a job to impress potential employers and land a job. Who else is partnering with the UK government? While Microsoft is playing a massive role in the government’s plans, it’s not the only big tech giant helping out. The firms that have partnered with the government are: Accenture, Amazon, Barclays, BT, Google, IBM, Intuit, Microsoft, Sage, SAS, and Salesforce. While all of these firms are helping to train workers, Microsoft’s planned efforts are the most notable. This initiative by the government will help the country brace for the changes AI is expected to bring to the economy. In April, the United Nations said that AI will affect 40% of all jobs, so being ready is a must.
    • Microsoft has an update on Exchange Online Basic Auth removal for Office 365 by Sayan Sen Back in 2022, Microsoft announced the retirement of Basic Authentication as it was moving to modern OAuth 2.0 token-based authentication. The reason was simple, to move away from such simple username-password authentication to more secure sign-ins. While Microsoft had previously planned to "permanently remove support for Basic authentication with Client Submission (SMTP AUTH) in September 2025", the company has now updated this timeline, adding a final delay. Perhaps this was on the cards given that Microsoft recently extended Basic Auth support for High Volume Email to 2028. On the Microsoft 365 Admin Center, a new message has been posted that details the changes regarding SMTP (Simple Mail Transfer Protocol) AUTH Client Submission. The message says: Thus, starting March 1, 2026, Exchange Online will begin phasing out Basic authentication for sending emails via SMTP AUTH. At first, fewer attempts will be blocked, but by April 30, 2026, this older method will be fully disabled. After that, any apps or devices that want to send email this way will need to use OAuth. The message further adds how admins can proceed with the changes in case OAuth is not supported: Users who have access to the M365 Admin Center can view the message under ID MC786329.
    • Weekend PC Game Deals: Total War grabs, management freebies, demos to try, and more by Pulasthi Ariyasinghe Weekend PC Game Deals is where the hottest gaming deals from all over the internet are gathered into one place every week for your consumption. So kick back, relax, and hold on to your wallets. The Humble Store brought out a couple of fresh bundles this week, and up first is the Narrative Arc collection. This comes with Mutazione, Venba, and Frank and Drake in the starting tier with an $8 price tag. Going up a rung will cost you $14, and this adds on Season: A Letter to the Future and Dustborn. Lastly, paying $20 gets you Harold Halibut and Six Ages 2: Lights Going Out. Next, the Case and Consequences Collection landed. This bundle comes with Heavy Rain, Song of Farca, Lacuna, and Sherlock Holmes: Crimes and Punishments in the starting tier for $6. The second and final tier of this bundle costs $10, adding on Murders on the Yangtze River, BROK the InvestiGator, and Between Horizons. Both bundles will come to an end two weeks from now, so you have plenty of time to decide. The Epic Games Store's mystery giveaways came to an end this week, but the standard promotion has already returned, touting a freebie from Sega. The Two Point Studios-developed construction and sim experience Two Point Hospital is now yours to claim. Arriving as a spiritual successor to the classic title Theme Hospital, this also offers a humorous take on hospital management and patient treatment. You'll be creating treatment rooms, hiring doctors, and taking care of financials, all the while patients with the wildest illnesses pass through looking for cures. The Two Point Hospital giveaway will last until Thursday, June 19. This is also when The Operator will become the next free game on the platform. Free Events The demo festival that Valve hosts three times a year, Steam Next Fest, is back with a brand-new selection of games to try out. This promotion is slated to last until June 16, giving you just a few more days to try out gameplay slices from upcoming games. Several standard free events are currently active too. This includes the colony sim Stardeus, the dungeon-crawler roguelite Barony, the WW2-set hardcore first-person shooter Hell Let Loose, the building and management sim Construction Simulator, as well as the side-scrolling looter brawler Towerborne. Big Deals The Steam Summer Sale is just days away, but plenty of publishers already having big promotions on their games. This includes a Total War historical sale, Konami classics, 505's early summer promotions, and others. With those and more, here's our hand-picked big deals list for this weekend: SILENT HILL 2 – $41.99 on Steam Forza Horizon 5 – $29.99 on Steam Hell Let Loose – $24.99 on Steam Wasteland 3 – $19.99 on Steam Resident Evil 4 – $19.99 on Steam Metro Awakening – $19.99 on Steam Halo Infinite (Campaign) – $19.79 on Steam Mind Over Magic – $18.74 on Steam Castlevania Dominus Collection – $17.49 on Steam DEATH STRANDING DIRECTOR'S CUT – $15.99 on Steam Blasphemous 2 – $14.99 on Steam Grand Theft Auto V Enhanced – $14.99 on Steam Total War: THREE KINGDOMS – $14.99 on Steam Total War: ROME II - Emperor Edition – $14.99 on Steam DRAGON BALL Z: KAKAROT – $12.99 on Gamesplanet DREDGE – $12.49 on Steam Fable Anniversary – $12.24 on Steam METAL GEAR SOLID V: The Definitive Experience – $11.99 on Steam Total War: ROME REMASTERED – $10.19 on Steam Pillars of Eternity II: Deadfire – $9.99 on Steam Bloodstained: Ritual of the Night – $9.99 on Steam Ghostrunner 2 – $9.99 on Steam METAL GEAR SOLID 3: Snake Eater - Master Collection Version – $9.99 on Steam METAL GEAR SOLID 2: Sons of Liberty - Master Collection Version – $9.99 on Steam Barony – $9.99 on Steam Total War: PHARAOH – $9.99 on Steam DRAGON BALL FighterZ – $9.59 on Steam Deep Rock Galactic: Survivor – $9.09 on Steam The Callisto Protocol – $8.99 on Steam Quantum Break – $7.99 on Steam Oxygen Not Included – $7.49 on Steam The Ascent – $7.49 on Steam Ghostrunner – $7.49 on Steam Total War: SHOGUN 2 – $7.49 on Steam Overcooked! 2 – $6.24 on Steam Human Fall Flat – $5.99 on Steam Grand Theft Auto IV: The Complete Edition – $5.99 on Steam Don't Starve Together – $5.09 on Steam Last Day of June – $4.99 on Steam ABZU – $4.99 on Steam Super Meat Boy Forever – $4.99 on Steam Total War: MEDIEVAL II – Definitive Edition – $4.99 on Steam Legend of Grimrock 2 – $4.79 on Steam Golf With Your Friends – $4.49 on Steam Rise of the Tomb Raider – $4.49 on Steam Golf It! – $4.49 on Steam Sunset Overdrive – $3.99 on Steam Super Meat Boy – $3.74 on Steam Tomb Raider – $2.24 on Steam Crime Boss: Rockay City – $1.99 on Steam Mortal Shell – $1.49 on Steam Crypt of the NecroDancer – $1.49 on Steam This War of Mine – $0.99 on Steam Two Point Hospital – $0 on Epic Store DRM-free Specials The DRM-free discounts from the GOG store this weekend include open-world adventures, story-rich titles, indies, publisher sales, and more. Here are some highlights: No Man's Sky - $23.99 on GOG The Thaumaturge - $19.24 on GOG INDIKA - $16.24 on GOG Against the Storm - $14.99 on GOG Shadows of Doubt - $14.99 on GOG EVERSPACE 2 - $14.99 on GOG Core Keeper - $13.99 on GOG art of rally - $12.49 on GOG Shadowrun Trilogy - $10.07 on GOG Cold Waters - $9.99 on GOG Disco Elysium - The Final Cut - $9.99 on GOG Streets of Rage 4 - $9.99 on GOG Dying Light: The Following – Enhanced Edition - $8.99 on GOG Potion Craft: Alchemist Simulator - $7.99 on GOG Little Nightmares - $4.99 on GOG Edge Of Eternity - $4.49 on GOG Epistory - Typing Chronicles - $4.49 on GOG This War of Mine: Complete Edition - $4.07 on GOG Graveyard Keeper - $3.99 on GOG Alba: A Wildlife Adventure - $3.39 on GOG Chroma Squad - $2.24 on GOG EVERSPACE - $0.99 on GOG Keep in mind that availability and pricing for some deals could vary depending on the region. That's it for our pick of this weekend's PC game deals, and hopefully, some of you have enough self-restraint not to keep adding to your ever-growing backlogs. As always, there are an enormous number of other deals ready and waiting all over the interwebs, as well as on services you may already subscribe to if you comb through them, so keep your eyes open for those, and have a great weekend.
    • I've had the opposite honestly Linux always just works except for games with drm/anti cheat Windows is sometimes corrupted on first install Windows update downloading wrong drivers ...
  • Recent Achievements

    • One Month Later
      5i3zi1 earned a badge
      One Month Later
    • Week One Done
      5i3zi1 earned a badge
      Week One Done
    • Week One Done
      julien02 earned a badge
      Week One Done
    • One Year In
      Drewidian1 earned a badge
      One Year In
    • Explorer
      Case_f went up a rank
      Explorer
  • Popular Contributors

    1. 1
      +primortal
      539
    2. 2
      ATLien_0
      226
    3. 3
      +FloatingFatMan
      157
    4. 4
      Michael Scrip
      112
    5. 5
      +Edouard
      95
  • Tell a friend

    Love Neowin? Tell a friend!