Skip to main content

    Support

    Offers

A
AoshiZero
1st Topic

Visitor

 • 

3 Messages

Saturday, November 11th, 2023 1:10 AM

Closed

Certificate is expired or is not yet valid

I just started getting this message. My internet and everything works but I get the message through kaspersky. I can discontinue or continue the connection. 

Question

 • 

Updated 

1 year ago

366

2

0

flatlander3

Problem Solver

 • 

1.5K Messages

1 year ago

There was another post about that anti-virus product.  Are you using a "web shield" feature?

If you are, you have introduced a man-in-the-middle.  It doesn't make you "safe".  What you have done is introduce a man in the middle that is using a proxy service, meaning a web shield intercepted the certificate and replaced it with theirs.  Click on the lock icon on your browser.  Look at the certificate.  Does your browser say this when you examine the certificate?  This is the current one for xfinity.com.

COMODO RSA Organization Validation Secure Server CA.

Issued On
Sunday, August 13, 2023 at 7:00:00 PM
Expires On
Tuesday, August 13, 2024 at 6:59:59 PM

SHA-256 Fingerprints

Certificate
06d91575ce2dd01f71b314760bb042a1b5ae0d5ebdf7e41829506b98219895e9
Public Key
8275a2029cd731f725f9119496e1623da1602750e088a6b9d1dfbd1067b723d2

(edited)

0

0

XfinityJohnG

Official Employee

 • 

1.6K Messages

1 year ago

Thank you for reaching out to us here @AoshiZero. Are you still getting that message? 

3

0

AoshiZero

Visitor

 • 

3 Messages

@XfinityJohnG​ No. It has stopped popping up. I actually never got to see the middle man that was causing issues but I appreciate such a quick response! Thank you!

1 year ago

0

flatlander3

Problem Solver

 • 

1.5K Messages

@AoshiZero​  Other super common reasons for cert errors?  Incorrect computer time, outdated OS (update the cert store in your OS -- apply OS updates when they come out), outdated browser (update those too), hijacked browser redirecting your searches/web traffic to a proxy (common adware exploits).  Outdated bookmarks you saved that will serve up the wrong cert -- those go stale too when a site changes.  All need to be investigated.

Is a "web shield" a good thing or a bad thing?  Depends on who you trust.  If you use Xfinity equipment, the DNS traffic is intercepted and private data is gleaned about your web browsing habits.  If you use a web shield, the DNS traffic is intercepted and private data is gleaned about your web browsing habits, you're just giving the data to someone else.  Depending on the product, some will block data from known compromised sites, and can help with cross-site-script attacks.  Sometimes even can identify incoming "PUPS" -- potentially unwanted programs -- otherwise known as browser exploits.

Better?  Use an OS with user and system privilege separation for web surfing (not windows).  Unix/Linux is better at this.  Mac to some degree, although their products are just as bad as Chrome and Windows as far as privacy goes.  Use features in web browsers.  Use add-on programs such as ad blockers, script blockers, and cookie blockers (tracking protection).  Always stay up-to-date on software.     

1 year ago

0

XfinityKatie

Official Employee

 • 

744 Messages

I am glad to hear that you are no longer seeing that message @AoshiZero, we hope everything continues to work without issue! If the message pops back up again in relations to Kaspersky and your services continue to work without issue, it may be a good idea to connect with them to ensure everything is set up correctly with them. Please never hesitate to make a new post should you need assistance. Our team and entire community will always be here to help!

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

1 year ago

0

forum icon

New to the Community?

Start Here