Strange SSL Issues today...

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Strange SSL Issues today...

Post by Benjamin »

I'm having some very odd issues with my ISP today and I'm wondering if anyone here can shed some insight on how this is even possible.

Going to https facebook.com, google.com, bing.com, yahoo.com, ebay.com (all major sites) results in the following error:

[text]www.google.com uses an invalid security certificate.

The certificate is only valid for the following names:
*.suddenlink.net , suddenlink.net

(Error code: ssl_error_bad_cert_domain)[/text]

It appears my ISP is returning their own certificate for specific websites! My thoughts are they are installing monitoring software of some sort and someone dropped the ball and configured it incorrectly causing this to happen, but that's just a hunch.

Further, going to the non-ssl versions of these sites causes the following error:

[text]The connection to www.facebook.com was interrupted.

Error 101 (net::ERR_CONNECTION_RESET): The connection was reset.[/text]

I called them and they stated they received numerous calls regarding this today. What's up with this?
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Strange SSL Issues today...

Post by requinix »

Sounds like they've added a proxy or cache. What IP addresses do those problematic domain names resolve to?
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: Strange SSL Issues today...

Post by Benjamin »

[text]host https://facebook.com
https://facebook.com has address 66.152.109.104
host https://google.com
https://google.com has address 66.152.109.104[/text]

[text]http://facebook.com
http://facebook.com has address 69.16.143.104
host http://google.com
http://google.com has address 66.152.109.104[/text]
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Strange SSL Issues today...

Post by requinix »

Yeah, that's stupid. Their DNS servers are doing Bad Things by resolving everything to their own servers which then, presumably, fetch the real content for you. Maybe they've set you up with a parental filter? If you call them up then tell them about the DNS problem and that should get you further (elevate if you have to).

On your end you can change the DNS servers you're using, either in the OS in your router/modem settings. OpenDNS has a free service but when they started redirecting missing domain names to their search portal (eg, trying to go to http://www.nonexistantdomainname.com would send you to their search page for "www.nonexistanddomainname.com") I moved to Google's public DNS.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: Strange SSL Issues today...

Post by Benjamin »

Yeah I configured my firewall to use public dns servers instead of the ISP's. Not sure what the ISP is trying to do but that is certainly shady.
Post Reply