Twitter Untrusted Connection

User Help for Mozilla Firefox
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Twitter Untrusted Connection

Post by btreloar »

About once a week I get the Untrusted Connection dialog at Twitter. Technical details says "twitter.com uses an invalid security certificate."

A couple of hours later everything is fine. But for that couple of hours, I can't get into Twitter.

Since I'm checking twitter for my clients, this is a m,ajor inconvenience. Why is this happening and what do I need to do to stop this?
Bill Treloar
User avatar
Grumpus
Posts: 13238
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Re: Twitter Untrusted Connection

Post by Grumpus »

It could be any number of certificate conditions.
Depending on which country your clients are in could result in an OCSP failure.
It could also be a changing certificate at Twitter which is new or from a certificate authority not recognized by your version of Firefox.
It could also be you have the IP of the source, at that moment of submission, for certificate verification blocked or possibly the certificate authority settings under /Preferences/Advanced/Encryption/View Certificate/Edit for the provided certificate at the moment does not have the ability to verify the site.
Or it could be a simple redirect failure.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Re: Twitter Untrusted Connection

Post by btreloar »

Egad - so many possibilities. I and all clients are in the USA. Changing certificate at Twitter would not be something that happens repeatedly once a week or so - at least I wouldn't expect so. It comes and goes without my making any changes to settings at my end. And as for a simple redirect failure, would that likely top be repeatable over several minutes to an hour or so before resolving?
Bill Treloar
User avatar
Grumpus
Posts: 13238
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Re: Twitter Untrusted Connection

Post by Grumpus »

Not to complicate the issue but it could also be transmission interruptions. Intrusion attempts appear to accompany OCSP verification sometimes, or at least it is becoming more noticeable. It also might help to make sure certificates are up to date, when you view a certificate it should have a section which show a verification at the top of the page.
You may want to find a real time traffic monitor to watch what is going on during these times. I found sometimes during a download or OCSP failure Google security/site verification downloads interfere.
There is also how you treat the OCSP verification. Look at /Tools/Options/Advanced/Encryption/Validation ; the block at the bottom shows, "When and OCSP server connection fails, treat the certificate as invalid." If this is checked the slightest change or interruption may cause the failure. This is a condition of the OCSP standards.
A number of years ago the OCSP verification method was considered vulnerable and insecure. If they corrected the issues this could be folks having found the original concept and trying it anyway, not enough to break in but enough to cause the verification failure. But I'm probably wrong about this part.
I ran into a certificate error similar to this where a known and valid authority was used for a local government created certificate which was considered unidentifiable and therefore considered the site a security risk. Much of this may have to do also with the ISP and what that ISP accepts as a valid authorization or maybe Google. Some third party cookies could also be the problem trying to be more persistent.

.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Re: Twitter Untrusted Connection

Post by btreloar »

This is happening with increasing frequency. The option to treat it as invalid, as you suggest might be the culprit is NOT checked. Neverthyeless, at the moment, I got a "untrusted" warning at both Facebook and Twitter, followed by this:

Invalid URL
The requested URL "/home.php?", is invalid.
Reference #9.44260e6b.1346604701.d062986

What's this all about? Are these Firefox messages? How do I stop this from happening?
Bill Treloar
User avatar
Grumpus
Posts: 13238
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Re: Twitter Untrusted Connection

Post by Grumpus »

The invalid URL could be a syntax issue from what you have shown, doesn't look like a proper URL.
I don't know where the reference numbers are from; this wiki link may help: Reference Computer Science
It may also be something to do with your certificates. Is there a specific certificate authority mentioned in the warnings? . . . aside from the improper url. It may also be a spoof or redirect condition.

You may be able to go into /Tools/Options/Advanced/Encryption/Validation and select a certificate authority from the OCSP drop down list.
You would need to check --- Validate all certificates using the following OCSP server: (pick one or one which is supported by Facebook or Twitter.)

Standard (default) setting should be:
checked --- Use the Online Status Cetificate Status protocol to confirm the validity of certificate
checked ---Validate a certificate if it specifies an OCSP server.
checked --- When an OCSP server connection fails, treat the certificate as invalid.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Re: Twitter Untrusted Connection

Post by btreloar »

Thanks, Grumpus. The Reference number, according to your resource, is a program or memory location and I expect would need a Thunderbird programmer to interpret.

Thank you for the setting adjustment recommendations. I've made those changes and will watch to see if the situation resolves.
Bill Treloar
User avatar
Grumpus
Posts: 13238
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Re: Twitter Untrusted Connection

Post by Grumpus »

Good Luck :)
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Re: Twitter Untrusted Connection

Post by btreloar »

Thanks for wishing me good luck, but unfortunately that was insufficient. The problem, if anything, is getting worse. And It must be something on my computer because while Facebook was unavailable due to this error, I had no trouble connecting from my smartphone.

BTW, the URL the error quoted a few messages ago looks invalid, but it is the correct end of the Facebook URL after the domain ... if that matters.
Bill Treloar
User avatar
Grumpus
Posts: 13238
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Re: Twitter Untrusted Connection

Post by Grumpus »

Have you run a disc diagnostic or performed any virus/malware checks.
Have you tried operating Firefox in Safe Mode and attempted access.
Do you have Firefox preferences set to notify you of any redirects?
User avatar
JayhawksRock
Posts: 10433
Joined: October 24th, 2010, 8:51 am

Re: Twitter Untrusted Connection

Post by JayhawksRock »

The Facebook problem may be related to the known problem with their cookies and how Facebook uses a redirect when loggin in. see this solution> viewtopic.php?f=38&t=2528519
You may want to try that and maybe for Twitter as well.
"The trouble with quotes on the internet is you never know if they are genuine" ...Abraham Lincoln
User avatar
patrickjdempsey
Posts: 23686
Joined: October 23rd, 2008, 11:43 am
Location: Asheville NC
Contact:

Re: Twitter Untrusted Connection

Post by patrickjdempsey »

btreloar wrote:Invalid URL
The requested URL "/home.php?", is invalid.
Reference #9.44260e6b.1346604701.d062986


Did a Google on this... not a Firefox problem, folks on Chrome and other browsers are getting it as well. Are you using any AV toolbars or AV "link" features?
Tip of the day: If it has "toolbar" in the name, it's crap.
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
User avatar
btreloar
Posts: 374
Joined: November 10th, 2004, 2:46 pm
Location: East Hanover, NJ, USA
Contact:

Re: Twitter Untrusted Connection

Post by btreloar »

Well, the approach to go to Tools | Options | Privacy | Exceptions and add Google and Twitter seems not to have worked. I'm currently being blocked from Twitter.

I have Norton 360 running, but disabling their antivirus doesn't allow me to get to Twitter. I have no other antivirus running, so it must be something else.
Bill Treloar
User avatar
JayhawksRock
Posts: 10433
Joined: October 24th, 2010, 8:51 am

Re: Twitter Untrusted Connection

Post by JayhawksRock »

Did you allso disable the Norton stuff in Addons Plugin section? Also check for any other extension/plugin related to security or search.
"The trouble with quotes on the internet is you never know if they are genuine" ...Abraham Lincoln
Harv72b
Guest

Re: Twitter Untrusted Connection

Post by Harv72b »

I've been getting the same issue intermittently for several months now. I don't use facebook but it does crop up from time to time, seemingly at random, with twitter. Most frustrating is that there is no option to ignore the "bad" certificate. This occurred on my old PC and is now happening on the one I bought 3 days ago.

I've tried pretty much everything there is to try in firefox's tools. Tried adding an exception for the server domain but it does not change the response. Tried changing to a specific OCSP server (Akamai, which provides the certificates for twitter) and that had no effect either. Even tried unchecking the OCSP validation entirely.

I've had it happen at the beginning of a web session, in the middle, and when navigating from one twitter webpage to another. Extremely annoying, to say the least.
Post Reply