Can't visit secure sites - I suspect Windows Update (Vanity)

my fertile brain ^ | 1/14/03 | the non-secure Warrior Princess

[Viva Le Dissention]

While it's only a temporary fix, I might suggest using a proxy server to access the secure pages.

Query as to whether you want sensitive information going through a different server, but it's certainly more safe than handing your credit card to a waiter you've never seen or heard from at a restaurant.

A really top-notch (and free--no downloads) proxy is available at www.guardster.com. It works pretty well, although I have noticed that sometimes it doesn't display pictures properly.

Anyway, hope this is at least a patch.

[Bloody Sam Roberts]

If you suspect that XP's Windows Update is the culprit, I have a solution when you get back up and running.

I do not use XP. I hate it. But I have a number of friends that I have set it up for.

The one thing you really must use is called XP Anti Spy.

XP AntiSpy is a little utility that let's you disable some built in update and authetication 'features' in Windows XP. It is a very small utility that runs as a stand alone and requires no installation and it is FREE

There are quite a number of settings in XP that allow it to "phone home" to MicroSoft and there are other settings that are simply a nuisance. If you like, you can disable these functions manually, by going through the System and checking or unchecking some check boxes. This will take you approximately half an hour.

With XP Anti Spy it takes about 30 seconds. Click on the link and give it a looksee. To download, look on the bar to the left and click "Downloads"...then click on "xp-antispy" then scroll down to "xp-AntiSpy English" (It's a .zip file). It's only 29 Kb in size. Download it and unzip it to your root directory then just double-click on the XPantispy.exe file.

Here's a screen shot:

[Prysson]

belive it or not the system I had an issue with I reinstalled the OS on as well. It still didnt work. Depends on if it was a clean install. If they just reinstalled over the existing OS then it may not have corrected the problem. I know it didnt in my case.

Regardless.I would try the methods listed in the Techknowlegde. It doesnt take long and if it corrects the problem then it is corrected.

[PAR35]

The problem may not be on your end. Apparently, a bunch of Verisign issued certificates expired very recently. Verisign/Network Associates is blaming its customers, and some of them are blaming Verisign.

Expired VeriSign certificates cause confusion
http://news.zdnet.co.uk/0,39020330,39118994,00.htm
"Users have experienced problems when accessing SSL-encrypted pages on sites whose certification depended on VeriSign's own expired certificates.

The company said that older versions of its Intermediate Certificate Authority (CA) expired on 7 January. "As a result, users attempting to establish SSL session with sites that had not updated their CA certificates may start encountering error messages," said VeriSign in a statement. "There is no security danger, and users who ignore these error messages can successfully establish secure SSL connections. However, sites should update their CA certificates if they have not already done so, to avoid user confusion. No action is required on the part of end users."

Also:
http://www.zdnet.com.au/newstech/security/story/0,2000048600,20282575,00.htm
The expiration of some of VeriSign's certificate-authority certificates last week appears to have caused problems beyond harmless error messages generated when users tried to access secure areas of Web sites. Security-software firm Symantec on Friday blamed VeriSign for problems with its security products that left users' PCs unresponsive and unstable.

[Xenalyte]

It's not a very recent problem. It's been going on for at least four months.

[PAR35]

Sorry to have sidetracked you. Good luck on sorting it out.

[Woodman]

Note, just updating your certificate does not solve the problem, the old cert must be removed or you will still get the certificate warning.