[ssl_error_bad_cert_domain] click.mail.whitehouse.gov uses an invalid security certificate - only valid for *.s6.exacttarget.com, s6.exacttarget.com

RESOLVED FIXED

Status

RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: miker206wa, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

3 years ago
Created attachment 8670905 [details]
Firefox Whitehouse 'Connection is Untrusted' ERROR.pdf

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Build ID: 20150929144111

Steps to reproduce:

I received an email message containing several links, including the following:

http://click.mail.whitehouse.gov/?qs=c6aec1282a76923cd8573da1e134d6180ad97490b1f969fbaf45d6f5bc2201c235428e02a35d74a2

http://click.mail.whitehouse.gov/?qs=c6aec1282a76923cd228973f71778fe83ccf05f709c1a2fb47ba8f755e10afd2a5aa33d322b516ec

http://click.mail.whitehouse.gov/?qs=c6aec1282a76923c9ac9eb18f24a07572cf847683277064376fdab822d12a469b1a714902e085b7e




Actual results:

When I click on these links (ONLY in FIREFOX), I get the following error.

No error occurs with these links in: MS-IE, Chrome, Opera.

-------------------------------------------
This Connection is Untrusted

You have asked Firefox to connect securely to click.mail.whitehouse.gov, but we can't confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

"Technical Details"

click.mail.whitehouse.gov uses an invalid security certificate.

The certificate is only valid for the following names:
  *.s6.exacttarget.com, s6.exacttarget.com  

(Error code: ssl_error_bad_cert_domain)
-------------------------------------------



Expected results:

When I open these links in (MS-IE, Chrome, Opera), the page opens without error.
(Reporter)

Updated

3 years ago
OS: Unspecified → Windows 7

Comment 1

3 years ago
The links are http but they redirect to https, and that's where the problem starts.
https://www.ssllabs.com/ssltest/analyze.html?d=click.mail.whitehouse.gov
Status: UNCONFIRMED → NEW
Component: Untriaged → Desktop
Ever confirmed: true
OS: Windows 7 → All
Product: Firefox → Tech Evangelism
Hardware: Unspecified → All
Summary: URL: (http://click.mail.whitehouse.gov/?qs=c6aec1282a76923cd8573da1e134d6180ad97490b1f969fbaf45d6f5bc2201c235428e02a35d74a2) is 'Untrusted' ONLY in Firefox !? → [ssl_error_bad_cert_domain] click.mail.whitehouse.gov uses an invalid security certificate - only valid for *.s6.exacttarget.com, s6.exacttarget.com
Version: 41 Branch → unspecified

Comment 2

3 years ago
Fixed.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.