IE/FF Certificate expirations for known sites

Topic

New Reply

Ive got an older tower running XP Pro that suddenly started barking about certificate expirations, both in IE8 and FF3.5. And heres the strange thing, they actually are expired for only this users setting – I have an admin account that works fine. so it appears that certificates are maintained at the user level.

Its for many Verisign certificates that are used for secure purchases and Facebook.

Typically, I thought that it was the responsibility of the site to renew its certificates, but these seem to be used by many sites.

So how do I fix this? I suppose that I could delete the user and copy all the data to a new user home directory, and that might fix it. Ive tried to fix it by removing all the certificates in both IE and FF and they didnt get recreated. I can override some of them in FF, but have had no luck in IE.

Seems like a bit of a hassle for something that I thought was automatic.

Or, another thought, has the system been compromised? Doesnt appear to have been, have mcafee running and its up to date, and all windows security fixes have been applied.

Thoughts?

Reply | Quote

Replies

You don’t fix it, it’s up to the site to keep their certificates up to date.
What sites (URL) and we will see if we get the same result.

cheers, Paul

Reply | Quote

You don’t fix it, it’s up to the site to keep their certificates up to date.
What sites (URL) and we will see if we get the same result.

cheers, Paul

Ive seen it only for this user on the system (I have several other systems that dont have this issue) and its only on this specific user on this specific system.

Specifically, its facebook.com, jcpenney.com, and rockwell.com. All well known sites, and reputable.

Reply | Quote

Ive got an older tower running XP Pro that suddenly started barking about certificate expirations, both in IE8 and FF3.5. And heres the strange thing, they actually are expired for only this users setting – I have an admin account that works fine. so it appears that certificates are maintained at the user level.

You might go to the Microsoft Update site and check for non-emergency updates. I think they regularly add and update root certificates and other certificate related stuff through updates.

Reply | Quote

You might go to the Microsoft Update site and check for non-emergency updates. I think they regularly add and update root certificates and other certificate related stuff through updates.

That was a great idea, but I already tried that. All ms security fixes and optionals have been applied.

Reply | Quote

Maybe that user has the certificates cached and the cache is broken so you only see old certificates?

cheers, Paul

Reply | Quote

Maybe that user has the certificates cached and the cache is broken so you only see old certificates?

cheers, Paul

Ill try flushing the cache, but Im not hopeful. Ill try it tomorrow, and if it doesnt work, Ill rebuild the user.

Reply | Quote

Problem has been identified with assistance from the Security forum at DSLReports.com

System clock is off, its says 2002. Resetting the system clock manually fixes issue, so Ill replace the battery later tonight.

the fact that another user on the same system worked was a red herring that sent me on a wild goose chase, no idea as to why that user allowed secure (https) access, but it did.

Reply | Quote