Revoked certificate error
Error code: SEC_ERROR_REVOKED_CERTIFICATE For Xfiniti.com email (Comcast). I saw many other questions to Mozilla on the same issue, so it's not those certificates. Edge connects just fine, as does Safari on my phone. Mozilla is the one with the problem, and you need to correct quickly, please. I need my email for many daily tasks, and it will be a lot easier to move to another browser than to another email.
Chosen solution
Thank you for your help. Ironically, I cannot "Mark it as Solved," because that generates an error as well. (HTTP Error 405)
Read this answer in context 👍 0All Replies (7)
That spelling is a little odd. Could you try using one of these URLs to access your Xfinity mail
Direct email link: https://xfinityconnect.email.comcast.net/
New hub page: https://www.xfinity.com/hub/ -- toward the upper right, there's an account button (looks like a little head and shoulders in a circle) that opens a panel to sign in. Any luck using the "Check Email" link on that account panel?
The direct email link had same blocked error. The hub page got me in through account sign-in, and then *new* bookmarked email page was again blocked on subsequent sign-in.
I'm using Edge to read my email.
Safari forced me to go through the xfiniti hub page, but then let me resave new email site directly, unlike Firefox.
Thank you for following up. What I get is this chain of events:
Requested "https://xfinityconnect.email.comcast.net/"
The server redirected Firefox to "https://oauth.xfinity.com/oauth/authorize?client_id=xcp-prod&response_type=code&redirect_uri=https://xfinityconnect.email.comcast.net/xcPreAuth/ui/web&state=0"
Then that server redirected Firefox to "https://login.xfinity.com/login?c_ds_na=c_ds_na%2Cc_ds_no%2Cc_ds_ts%2Cclient_id%2Ccontinue%2Cr%2CreqId%2Cs&c_ds_no=2369666D01EA6CEA114BAA7DDA752CFC&c_ds_ts=1691782189&c_ds_val=556756DF9F9ABC48603BAAB2D5C44777EE8D8654BDBD278123FDD899A2BF5C48&client_id=xcp-prod&continue=https%3A%2F%2Foauth.xfinity.com%2F%2Foauth%2Fauthorize%3Fclient_id%3Dxcp-prod%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fxfinityconnect.email.comcast.net%2FxcPreAuth%2Fui%2Fweb%26state%3D0%26response%3D1&r=comcast.net&reqId=d9012f5e-a709-4cd5-b8ce-a5754ccd56f0&s=oauth"
The oauth... and login... servers use the same certificate, so I assume the problem is when you hit one of those addresses.
If you click the Advanced button to expand the technical information and click View Certificate, does it have different details from this one:
https://www.ssllabs.com/ssltest/analyze.html?d=oauth.xfinity.com&s=96.114.156.145&latest
Modified
Where on this page is the "Advanced" button? I saw it referenced in some of your help pages. Firefox and comcast email still work on my iPhone after reapplying password. I turned off Malwarebytes, no change.
There are two different secure connection error pages, and this address is giving the one that doesn't have the Advanced button. I'm not sure why Firefox is showing this page instead of the other one.
It's odd that idm.xfinity.com is using an older certificate than the other sites I mentioned: this one would have expired next week, but it was already revoked by the issuer, while the newer one is set to expire in November. I think someone made a mistake in the configuration, but I don't know how to reach someone at Xfinity to help them fix it. Let's set that aside for a moment.
Firefox is one of the last browsers that does a real-time revocation check for website certificates. They all used to do this, but in the effort to shave milliseconds off of loading time, most of them no longer do that. Instead, they work with lists that are updated from time to time.
There is a way to stop Firefox from performing these revocation checks but since that is global and affects all websites, I'm not sure it's the safest choice, if you don't mind using a different browser to check your email for now.
But if you really want to try it, here are the steps:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.
(2) In the search box in the page, type or paste security.OCSP.enabled and pause while the list is filtered
(3) Double-click the preference to display an editing field, and change the value from 1 to 0 then press Enter or click the blue check mark button to save the change.
When you're ready to test whether you can change this back, you can use the Reset button at the right end of the row to restore the default value.
rjrosemeyer said
Mozilla Firefox is the one with the problem, and you need to correct quickly, please.
Considering this only occurred recently as per posts here and the last Firefox update 116.0.2 was released back on Aug 7th.
Hopefully xfinity fixes it soon so people do not wrongly blame the Firefox web browser.
Modified
Chosen Solution
Thank you for your help. Ironically, I cannot "Mark it as Solved," because that generates an error as well. (HTTP Error 405)