U

Visitor

 • 

6 Messages

Wednesday, March 1st, 2023 11:35 PM

Closed

Unmatching Security Certificate?

Is the security certificate used by Xfinity/Comcast for customer email outdated or incorrect?  


I have a paid subscription to Bitdefender Total Security,  which is one of the best internet security/anti-malware programs available.
Whenever I LOG OUT of my Comcast/Xfinity email,  I am automatically redirected by Comcast to  https://xfinity.comcast.net/
 and the following Warning pops up from my security program: 

Web Protection by Bitdefender


Suspicious page blocked for your protection


https://xfinity.comcast.net/


Your connection to this web page is not safe due to an unmatching security certificate.
This means that the certificate was issued for a different web address than the one it is being used for, and you run the risk of exposing your data by accessing this page.

Official Employee

 • 

875 Messages

2 years ago

@ComcastCustomer99 There are no known issues currently with our Xfinity Homepage. The web domain xfinity.comcast.net re-routes to xfinity.com/overview as that is our homepage. What web address are you using to access your Comcast email address? 

Visitor

 • 

6 Messages

2 years ago

@XfinityBradM:

I log in through https://connect.xfinity.com/  which is what a Comcast technical support representative told me to use.

However when I log out Xfinity/Comcast automatically redirects me to https://xfinity.comcast.net/  and as I mentioned in my original post that is where I see the Security Warning.  See my original post for the contents of the Security Warning.

Do you have the ability to actually see the Security Certificate in question?

Official Employee

 • 

1.4K Messages

@ComcastCusotmer99. Programs like Bitdefender can flag something even when there is no issue. It happened to at times with similar programs. I suspect that is the case. There is no route we can take to check the certificate as that would be something fixed very quickly if it were an issue. 

I no longer work for Comcast.

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Expert

 • 

31.3K Messages

@ComcastCustomer99​ 

@XfinityBradM:

I log in through https://connect.xfinity.com/  which is what a Comcast technical support representative told me to use.

However when I log out Xfinity/Comcast automatically redirects me to https://xfinity.comcast.net/  and as I mentioned in my original post that is where I see the Security Warning.  See my original post for the contents of the Security Warning.

Do you have the ability to actually see the Security Certificate in question?

If you click through you can see it.  There really isn't anything wrong here, it's just not redirecting correctly.  In the end you would land here: https://www.xfinity.com/overview

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Gold Problem Solver

 • 

26.3K Messages

2 years ago

@XfinityEthan wrote: "... that would be something fixed very quickly if it were an issue."

And yet, attempts to reference that link produce: "Firefox does not trust this site because it uses a certificate that is not valid for xfinity.comcast.net. The certificate is only valid for the following names: a248.e.akamai.net, *.akamaihd-staging.net, *.akamaihd.net, *.akamaized-staging.net, *.akamaized.net":

You gotta love it when employees suggest that you are imagining things.   :-(  :-(  :-(
Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.

(edited)

Contributor

 • 

72 Messages

2 years ago

That sounds a lot like some links and/or certificates didn't get set to the production values when that portion of the site was deployed. The ***-staging.net values make me think that. That's typical of the names of the servers used when testing a new set of pages (on a "staging" server). As the site is deployed to production, the links and certificates should get substituted with the production values. That may not be it, but it really seems like it.

Visitor

 • 

1 Message

2 years ago

This issue is still happening!!
I got am email reminding me to update my payment method to keep a $10/mo discount, it contained a link to https:/xfinity.comcast.net which results in the untrusted cert/NET::ERR_CERT_COMMON_NAME_INVALID error.

IF you go to http://comcast.net it properly redirects to https://xfinity.com

IF you go to https://xfinity.comcast.net (the one in my email!!) OR https://comcast.net you receive the cert error mentioned 5mo ago by OP.

Seems like xfinity/comcast dont really care about proper certificate security.

I thought I was being fished but whois says that comcast.net is their domain, cant imagine what grandma would do when getting this error.

fun.

Problem Solver

 • 

1.5K Messages

@user_07a67b​  Try clearing out your web browser cached content.  It's probably been quite a while.

comcast.net is a redirect to https://www.xfinity.com/overview these days.  It's mixed content, meaning parts of it won't be SSL.  Some browsers may complain about that depending on your security settings.

xfinity.comcast.net isn't listed on the cert.  Bad web page bloat they lost track of and haven't fixed. 

Edit:  Interesting!  Some browsers don't like Akamai -- the cert issuer. 

Update:  There must have been a rollout.  Akamai cert fails, the COMODO RSA cert works.  Which one will you get when you navigate to https://xfinity.comcast.net ?  Whichever web server the load balancer points points you to in your market.

(edited)

Expert

 • 

31.3K Messages

@user_07a67b​ 

Does that email have the verified xfinity logo?

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

2 Messages

2 years ago

I'm getting a certificate error as well from my ESET antivirus software, it's giving me the error "Website certificate revoked" when trying to login.

When I hit "idm.xfinity/com/myaccount/creat-uid?token=ey..."

it says "the certificate used by this server has been marked as untrustworthy and the connection is not safe", and doesn't allow me to proceed.

Gold Problem Solver

 • 

26.3K Messages

2 years ago

I'm getting a certificate error as well from my ESET antivirus software ...

Your message was posted as a comment on a 5 month old topic in the Email forum. You'll be more likely to get help by starting a new topic in the "Sign-In and Account Management" forum at https://forums.xfinity.com/topics/signin-and-account-management/602d5700e6b3965d18e3a5af.

Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.

2 Messages

@BruceW​ Thanks but I don't really care that much. I'm actually a centurylink customer but they just raised their prices so I wanted to re-evaluate xfinity to see if they're more competitive now. However upon hitting a cert error on the website when just trying to get a quote, it really put me off and I'll stay with centurylink another year. I know how I can fix it (I've been working in IT for years, just disable my AV for that site..) but thought I'd register the fact that I was also having issues so they are aware of another data point.

forum icon

New to the Community?

Start Here