Virgin Media Virgin Media Community

andrew91 · ‎08-07-2020

Over the last few months I have seen an intermittent problem when
connecting to my internet banking website (using https).
On each occasion the problem remains constant for a few days,
then goes away for a while.

Details of the problem are below.

BUT this problem only happens when I am using my Virginmedia internet
connection.
If I switch my connection to BT or EE, the problem never occurs.

To work around the problem I just have to disconnect from VM and connect
via BT or EE - no reboots, no browser restarts, no clearing the cache
etc; just switch from one ISP to another.
But when I go back to my VM connection the problem comes back.

After a few days the problem goes away ... until next time ...

I have also seen this problem (once) when connecting to a particular
page on a UK government website that used https
(I forget which one now).
But connections to other https pages on the same site worked fine.

Because, when it happens, it ONLY happens when connecting via VM
broadband and not when connecting via BT or EE, it looks a lot like the
problem is with VM rather than with the website or with my browsers.

So I wonder what is it about the VM connection that causes this
intermittent problem.
Maybe it is something to do with VM's transparent proxy servers?

Has anyone else seem this kind of issue?
Or does anyone have any idea how I could contact someone at VM who
would even understand the issue?

thanks
andrew

Details
This is on an apple macbook with firefox and safari browsers.
Since the machine runs macos, it typically stays up for months
between reboots.
I normally connect to the internet using Virgin Media broadband
service that is part of VM's cable TV network.

If I connect to my online banking service (RBS) using firefox
(my preferred browser) I get a page that says:

The page isn't directing properly

[and no other useful information]

But if I connect using safari, I get rather more information about the
problem.
First I get a page that says:

This connection is not private

Then, if I select "Show Details", it says that the site's certificate is
not valid.
Then, if I select "view the certificate", it shows details of a
certificate issued by COMODO CA Limited to Royal Bank of Scotland,
and says:

This certificate was signed by an untrusted user

Assuming that the certificate is actually signed by a trusted user,
and considering that the problem only occurs when I connect using VM,
it looks like something in VM's network may be corrupting the certificate.

andrew91 · ‎09-09-2020

Anyway, I converted the PDFs to JPG.

Here they are:

x

andrew91 · ‎09-09-2020

Anyway I converted the PDFs to JPG.

Here is the root certificate:

andrew91 · ‎09-09-2020

Here is the intermediate certificate:

andrew91 · ‎09-09-2020

Here is the online banking certificate:

用心棒 · ‎09-09-2020

Thank you for posting the images. Will work my way through them but I noticed use of depreciated MD5 fingerprint, are you using an older version of MacOS and/or Safari?

用心棒 · ‎10-09-2020

The certificate SHA-1 fingerprint for:

COMODO RSA Certification Authority
AF E5 D2 44 A8 D1 19 42 30 FF 47 9F E2 F8 97 BB CD 7A 8C B4
COMODO RSA Organization Validation Secure Server CA
10 4C 63 D2 54 6B 80 21 DD 10 5E 9F BA 5A 8D 78
16 9F 6B 32
service.oneaccount.com are correct
82 47 E9 19 2A 1C F0 1E E4 BC 51 80 9B 21 46 87 B5 DA 65 D1

are correct, as far as I can see. Further more the root certificate COMODO RSA Certification Authority is from your operating system's Trust Store and, as the name implies, is implicitly trusted. So for the moment I am stumped as to why it should intermittently not be trusted and only when using your Virgin Media connection when all would reference the same Trust Store certificate. Firefox has it own Trust Store and the same observations apply there too.

Out of curiosity are you using Rapport in Safari and Firefox?

andrew91 · ‎10-09-2020

@用心棒 wrote:
Thank you for posting the images. Will work my way through them but I noticed use of depreciated MD5 fingerprint, are you using an older version of MacOS and/or Safari?

MacOS version is 10.11.6 (El Capitan). I guess these days that counts as "older" 😊

Safari version is 11.1.2.

I normally use Firefox for my all my browsing. It is regularly updated.

If Firefox encounters a problem displaying some webpage, often comparing the behaviour of Firefox with that of Safari can help diagnose the problem. I don't use Safari for regular browsing.

On this occasion I used Safari to display the certificates because it actually provides the certificate information when the connection fails. By contrast, Firefox just says The page isn't directing properly and doesn't give any indication that it is a certificate problem.

用心棒 · ‎10-09-2020

When the issue next occurs see if using private browsing mode makes any difference; in Firefox press Cmd + Shift + P or in Safari Cmd + Shift + N

Also consider making One Account aware of the issue with the aim of them investigating when it next occurs or use Firefox's Developer Tools' Network Monitor to see what re-directing is occurring.

andrew91 · ‎12-07-2021

[I hope I'm not tempting fate here!]

Interestingly, this issue stopped occurring a few weeks after my last post (Sept 2020) and hasn't happened since.

Maybe a virginmedia gnome worked out the cause of the problem and fixed it? If so, many thanks!

Virgin Media Virgin Media Community

Virgin Media Virgin Media Community

intermittent report of invalid SSL certificate: but only when I connect via virginmedia