Avatar for Username

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

此討論串已被封存。 如果您有需要幫助,請新增一個新問題

"Untrusted Connection" warning at Quicken Bill Pay website

  • 2 回覆
  • 2 有這個問題
  • 48 次檢視
  • 最近回覆由 ideato

doug65
doug65
more options

Firefox 34.0.5, Windows 7 pro Accessing the Quicken Bill Pay (www.quickenbillpay.com) website generates message: “This Connection is Untrusted”

1. Computer date and time settings are OK. 2. Other secure websites do not generate this warning. 3. Quicken Bill Pay support personnel assure me that their website is safe and their certificate is valid. 4. The certificate does, in fact, appear to be a current and valid “VeriSign Class 3 Extended Validation SSL CA” 5. The “Technical Details” section of the warning message says “The certificate is not trusted because no issuer chain was provided.” 

    a.	The Firefox Help article for this message says “You may have enabled SSL scanning in your security software such as ESET or BitDefender. Try to disable this option.”  (https://support.mozilla.org/en-US/kb/connection-untrusted-error-message#w_the-certificate-is-not-trusted-because-no-issuer-chain-was-provided)
    b.	But I use Norton Security Suite v. 21.6.0.32.  I do not find a settings option for disabling SSL scanning, and in any case, since other secure websites are not affected, this does not appear to be the case.

6. Accessing the certificate via the “Add Exception” option shows this message: 

    a.	“Could not verify this certificate because the issuer is unknown”
    b.	But the certificate is clearly issued by the “VeriSign Trust Network”

In the absence of any other explanations (which would be welcome) I am leaning toward the assumption this is a Firefox bug.

Firefox 34.0.5, Windows 7 pro Accessing the Quicken Bill Pay (www.quickenbillpay.com) website generates message: “This Connection is Untrusted” 1. Computer date and time settings are OK. 2. Other secure websites do not generate this warning. 3. Quicken Bill Pay support personnel assure me that their website is safe and their certificate is valid. 4. The certificate does, in fact, appear to be a current and valid “VeriSign Class 3 Extended Validation SSL CA” 5. The “Technical Details” section of the warning message says “The certificate is not trusted because no issuer chain was provided.” a. The Firefox Help article for this message says “You may have enabled SSL scanning in your security software such as ESET or BitDefender. Try to disable this option.” (https://support.mozilla.org/en-US/kb/connection-untrusted-error-message#w_the-certificate-is-not-trusted-because-no-issuer-chain-was-provided) b. But I use Norton Security Suite v. 21.6.0.32. I do not find a settings option for disabling SSL scanning, and in any case, since other secure websites are not affected, this does not appear to be the case. 6. Accessing the certificate via the “Add Exception” option shows this message: a. “Could not verify this certificate because the issuer is unknown” b. But the certificate is clearly issued by the “VeriSign Trust Network” In the absence of any other explanations (which would be welcome) I am leaning toward the assumption this is a Firefox bug.

被選擇的解決方法

Hello dough65,

The reason for the SSL certificate issue was because [[the site doesn't properly implement a certificate|https://www.sslshopper.com/ssl-checker.html#hostname=https://login.web.quickenbillpay.com]] chain that links their certificate issued from a intermediary instance to the root certificate authority trusted by the browser.

I found a similar problem (even though for a different site) and solution from a [[previous post|https://support.mozilla.org/en-US/questions/996763]] in this forum.

Hope that helps

從原來的回覆中察看解決方案 👍 1

所有回覆 (2)

rutomo
rutomo
more options

選擇的解決方法

Hello dough65,

The reason for the SSL certificate issue was because [[the site doesn't properly implement a certificate|https://www.sslshopper.com/ssl-checker.html#hostname=https://login.web.quickenbillpay.com]] chain that links their certificate issued from a intermediary instance to the root certificate authority trusted by the browser.

I found a similar problem (even though for a different site) and solution from a [[previous post|https://support.mozilla.org/en-US/questions/996763]] in this forum.

Hope that helps

ideato
ideato
more options

Hello doug65, see if the next fix the issue, go to about:config, copy the next bold security.tls.version.min and paste it in the search field, now double-click on it and change the value to 0 (zero), exit about:config page, exit firefox, and then restart firefox.

see also : https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

If that solve the issue, when you do your job with the site you can revert back the preference.

thank you