Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Revoked certificate error

  • 7 replies
  • 7 have this problem
  • 294 views
  • Last reply by rjrosemeyer

more options

Error code: SEC_ERROR_REVOKED_CERTIFICATE For Xfiniti.com email (Comcast). I saw many other questions to Mozilla on the same issue, so it's not those certificates. Edge connects just fine, as does Safari on my phone. Mozilla is the one with the problem, and you need to correct quickly, please. I need my email for many daily tasks, and it will be a lot easier to move to another browser than to another email.

Error code: SEC_ERROR_REVOKED_CERTIFICATE For Xfiniti.com email (Comcast). I saw many other questions to Mozilla on the same issue, so it's not those certificates. Edge connects just fine, as does Safari on my phone. Mozilla is the one with the problem, and you need to correct quickly, please. I need my email for many daily tasks, and it will be a lot easier to move to another browser than to another email.

Chosen solution

Thank you for your help. Ironically, I cannot "Mark it as Solved," because that generates an error as well. (HTTP Error 405)

Read this answer in context 👍 0

All Replies (7)

more options

That spelling is a little odd. Could you try using one of these URLs to access your Xfinity mail

Direct email link: https://xfinityconnect.email.comcast.net/

New hub page: https://www.xfinity.com/hub/ -- toward the upper right, there's an account button (looks like a little head and shoulders in a circle) that opens a panel to sign in. Any luck using the "Check Email" link on that account panel?

more options

The direct email link had same blocked error. The hub page got me in through account sign-in, and then *new* bookmarked email page was again blocked on subsequent sign-in.

I'm using Edge to read my email.

Safari forced me to go through the xfiniti hub page, but then let me resave new email site directly, unlike Firefox.

more options

Thank you for following up. What I get is this chain of events:

Requested "https://xfinityconnect.email.comcast.net/"

The server redirected Firefox to "https://oauth.xfinity.com/oauth/authorize?client_id=xcp-prod&response_type=code&redirect_uri=https://xfinityconnect.email.comcast.net/xcPreAuth/ui/web&state=0"

Then that server redirected Firefox to "https://login.xfinity.com/login?c_ds_na=c_ds_na%2Cc_ds_no%2Cc_ds_ts%2Cclient_id%2Ccontinue%2Cr%2CreqId%2Cs&c_ds_no=2369666D01EA6CEA114BAA7DDA752CFC&c_ds_ts=1691782189&c_ds_val=556756DF9F9ABC48603BAAB2D5C44777EE8D8654BDBD278123FDD899A2BF5C48&client_id=xcp-prod&continue=https%3A%2F%2Foauth.xfinity.com%2F%2Foauth%2Fauthorize%3Fclient_id%3Dxcp-prod%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fxfinityconnect.email.comcast.net%2FxcPreAuth%2Fui%2Fweb%26state%3D0%26response%3D1&r=comcast.net&reqId=d9012f5e-a709-4cd5-b8ce-a5754ccd56f0&s=oauth"

The oauth... and login... servers use the same certificate, so I assume the problem is when you hit one of those addresses.

If you click the Advanced button to expand the technical information and click View Certificate, does it have different details from this one:

https://www.ssllabs.com/ssltest/analyze.html?d=oauth.xfinity.com&s=96.114.156.145&latest

Modified by jscher2000 - Support Volunteer

more options
more options

There are two different secure connection error pages, and this address is giving the one that doesn't have the Advanced button. I'm not sure why Firefox is showing this page instead of the other one.

It's odd that idm.xfinity.com is using an older certificate than the other sites I mentioned: this one would have expired next week, but it was already revoked by the issuer, while the newer one is set to expire in November. I think someone made a mistake in the configuration, but I don't know how to reach someone at Xfinity to help them fix it. Let's set that aside for a moment.

Firefox is one of the last browsers that does a real-time revocation check for website certificates. They all used to do this, but in the effort to shave milliseconds off of loading time, most of them no longer do that. Instead, they work with lists that are updated from time to time.

There is a way to stop Firefox from performing these revocation checks but since that is global and affects all websites, I'm not sure it's the safest choice, if you don't mind using a different browser to check your email for now.

But if you really want to try it, here are the steps:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.

(2) In the search box in the page, type or paste security.OCSP.enabled and pause while the list is filtered

(3) Double-click the preference to display an editing field, and change the value from 1 to 0 then press Enter or click the blue check mark button to save the change.

When you're ready to test whether you can change this back, you can use the Reset button at the right end of the row to restore the default value.

more options

rjrosemeyer said

Mozilla Firefox is the one with the problem, and you need to correct quickly, please.

Considering this only occurred recently as per posts here and the last Firefox update 116.0.2 was released back on Aug 7th.

Hopefully xfinity fixes it soon so people do not wrongly blame the Firefox web browser.

Modified by James

more options

Chosen Solution

Thank you for your help. Ironically, I cannot "Mark it as Solved," because that generates an error as well. (HTTP Error 405)