Jump to content

Blocked Certificate only on specific site & computer


Recommended Posts

Hey everyone. Folks over at BleepingComputer.com sent me over here for some help with a problem I've been having recently. Whenever I visit reddit, or any subdomain, since 9/14/2017, I keep getting an untrusted certificate warning for sync.madnet.ru, which requires me to keep blocking every time. The certificate itself seems to be issued for madnetex.com, by the Let's Ecrypt Authority X3 from April to July-ish. This issue, though, only seems to appear on my laptop, while my desktop and phone, which both also use ESET, experience no such issues when visiting the same site. I'm unsure of what the exact issue is, but it only occurs on reddit, and it worries me if something else would be wrong on my laptop to trigger it so.

Link to comment
Share on other sites

On ‎9‎/‎17‎/‎2017 at 9:11 PM, high_tide1 said:

I keep getting an untrusted certificate warning for sync.madnet.ru, which requires me to keep blocking every time

The cert. for the domain noted expired 2 months ago. See below:

Eset_Bad_Cert.thumb.png.b63ddbc7b92525a9b097bdeecbcbcc9b.png

Link to comment
Share on other sites

Thanks for replying. I realize that reddit uses the *.reddit certificate, and I've validated that information is what reddit uses. I was confused as to why ESET only detected that certificate on reddit.com when it failed to do so on any other computer I had visiting reddit.com as well, nor had it done so until recently. The problem only occurs on reddit.com.

Link to comment
Share on other sites

13 minutes ago, high_tide1 said:

Thanks for replying. I realize that reddit uses the *.reddit certificate, and I've validated that information is what reddit uses. I was confused as to why ESET only detected that certificate on reddit.com when it failed to do so on any other computer I had visiting reddit.com as well, nor had it done so until recently. The problem only occurs on reddit.com.

I went to reddit.com and received no alerts. So you will have to provide more detail on what is going on.

1. Do you get the alert when initially entering the web site?

2. When you click on something at reddit,com?

In any case, please post a screen shot showing both the web page and the alert displayed. Appears to me your browser is being hijacked to a fake "redid.com" web page using the expired cert. in question.

Edited by itman
Link to comment
Share on other sites

LxJPqWE.png

 

I have just now started getting the same thing. Doesn't happen every time I visit reddit but enough times for me to notice it.

 

Also it seems to happen more often if I refresh the page via CTRL+F5 

Edited by nitrousoxide
Link to comment
Share on other sites

I turned off all tracking protection I have and also enabled ActiveX in IE11. I then navigated to the reddit.com web page where the "Mass Evacuation" article was. Still no alert about the madnetex.com cert..

At this point, all I can say is it must have something to do with the certs. Chrome is using. Note that Chrome uses it own root cert. CA store and not the Windows one.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...