| |
Hello all,
When I tried to use Paypal today, a "Security Alert" dialoge box popped up,
displaying the following message:
"The internet site you are about to view uses a certificate that has expired
or is not yet valid. Do you wish to proceed?"
Clicking the "View Certificate" button revealed that their certificate
issued to them by VeriSign Trust Network indeed has expired on 3/12/04
11:59:59 PM.
How bad is this? Should I wait with payments until their certificate is
valid again? Has someone of our comunity reported this to Paypal already?
With friendly greetings, M. Moolhuysen.
|
|
| |
In lugnet.market.services, Manfred Moolhuysen writes:
> Hello all,
>
> When I tried to use Paypal today, a "Security Alert" dialoge box popped up,
> displaying the following message:
>
> "The internet site you are about to view uses a certificate that has expired
> or is not yet valid. Do you wish to proceed?"
>
> Clicking the "View Certificate" button revealed that their certificate
> issued to them by VeriSign Trust Network indeed has expired on 3/12/04
> 11:59:59 PM.
The cert validity is 3/12/02 - 3/12/04. Check your system clock, you've got
a few more years to go ;-)
|
|
| |
In lugnet.market.services, Rob Doucette writes:
> In lugnet.market.services, Manfred Moolhuysen writes:
> > Hello all,
> >
> > When I tried to use Paypal today, a "Security Alert" dialoge box popped up,
> > displaying the following message:
> >
> > "The internet site you are about to view uses a certificate that has expired
> > or is not yet valid. Do you wish to proceed?"
> >
> > Clicking the "View Certificate" button revealed that their certificate
> > issued to them by VeriSign Trust Network indeed has expired on 3/12/04
> > 11:59:59 PM.
>
> The cert validity is 3/12/02 - 3/12/04. Check your system clock, you've got
> a few more years to go ;-)
Any chance of a MM/DD/YY vs. DD/MM/YY formatting problem in the date
throwing things off?? I would think not but who knows?
|
|
| |
In lugnet.market.services, Rob Doucette writes:
> The cert validity is 3/12/02 - 3/12/04. Check your system clock, you've got
> a few more years to go ;-)
My system clock says april 17th 2002. Could it be a Y2-bug, making the
system think that the certificate was valid until 1904 ?
In lugnet.market.services, Larry Pieniazek writes:
> Any chance of a MM/DD/YY vs. DD/MM/YY formatting problem in the date
> throwing things off?? I would think not but who knows?
It seems to be the year. Did anyone else recieve the "Security Alert"
dialoge box while visiting the Paypal site ?
With friendly greetings, M. Moolhuysen.
|
|
| |
You don't actually need a certificate to have a secure server. as long as
you see a https in the header and the little padlock in the bottom bar you
are on a secure site. IIRC all the certificate does is shows the owner of
the site is who they say they are. If its a site like paypal where you know
who they are and what they do, I wouldn't worry even if their certificate
has expired (which it hasn't)
Dont think browsers cache ssl pages so it wouldn't be that
--
James Stacey
---------
www.minifig.co.uk
#925 - I'm a citizen of Legoland travelling Incommunicado
"M. Moolhuysen" <moom@nospam-chello.nl> wrote in message
news:GuoE2n.JI4@lugnet.com...
> Hello all,
>
> When I tried to use Paypal today, a "Security Alert" dialoge box popped • up,
> displaying the following message:
>
> "The internet site you are about to view uses a certificate that has • expired
> or is not yet valid. Do you wish to proceed?"
>
> Clicking the "View Certificate" button revealed that their certificate
> issued to them by VeriSign Trust Network indeed has expired on 3/12/04
> 11:59:59 PM.
> How bad is this? Should I wait with payments until their certificate is
> valid again? Has someone of our comunity reported this to Paypal already?
>
> With friendly greetings, M. Moolhuysen.
|
|
| |
"M. Moolhuysen" <moom@nospam-chello.nl> wrote in message
news:Gup9Jn.FyI@lugnet.com...
> In lugnet.market.services, Rob Doucette writes:
> > The cert validity is 3/12/02 - 3/12/04. Check your system clock, you've • got
> > a few more years to go ;-)
>
> My system clock says april 17th 2002. Could it be a Y2-bug, making the
> system think that the certificate was valid until 1904 ?
>
> In lugnet.market.services, Larry Pieniazek writes:
> > Any chance of a MM/DD/YY vs. DD/MM/YY formatting problem in the date
> > throwing things off?? I would think not but who knows?
>
> It seems to be the year. Did anyone else recieve the "Security Alert"
> dialoge box while visiting the Paypal site ?
Everything fine here running with IE6 on W2K Pro SP2. What OS and browser
version are you using? When did you last apply patches?
Dan
|
|
| |
In lugnet.market.services, Manfred Moolhuysen writes:
> Hello all,
>
> When I tried to use Paypal today, a "Security Alert" dialoge box popped up,
> displaying the following message:
>
> "The internet site you are about to view uses a certificate that has expired
> or is not yet valid. Do you wish to proceed?"
>
> Clicking the "View Certificate" button revealed that their certificate
> issued to them by VeriSign Trust Network indeed has expired on 3/12/04
> 11:59:59 PM.
> How bad is this? Should I wait with payments until their certificate is
> valid again? Has someone of our comunity reported this to Paypal already?
Hmmm. I just visited Paypal on a PC with newly installed Windows, and got the
same problem.
The actual problem relates to Verisign's cert - it expires 25 oct 2011, but
it's parent CA cert expires 8 jan 2004. Wonder if Verisign knows this?
As someone pointed out, though, all the cert does is verify that the site is
run by who they say they are - all transfers are still encrypted if it's https.
ROSCO
|
|
|
