U

Friday, August 30th, 2024 7:50 PM

Frequent website security certificate errors - susi.comcast.net redirect to "Activation" page

Been round and round with support and can't seem to get someone who understands the issues.  If I get told to "restart" something again I've had it... and then once I restart something I'm told "you're online so we resolved the issue!"  No.  No you have not and no one seems to have any clue of what is going on.

PLEASE HELP!!!

What happens is when I visit websites, randomly and frequently I get a warning that "This Connection is Not Private" stating there is an invalid security certificate.  The security certificate goes to "susi.comcast.net" and when you proceed to the site it is a redirect to a "Welcome to Xfinity" site telling you to download the app and activate internet.   The websites are where I get this error are random and sometimes it goes through, sometimes it does not. And it's not the same websites either, that is random too.  Many of the websites are standard secure sites that usually have no issues.

I have a personal router, so the Comcast Modem is in bridge mode.  However I have tried several times taking it in and out of bridge mode and still have the same issues either way.

To answer the "tech support" standard questions that I always get asked:

1.  Yes, my internet is activated

2.  Yes, I am connected 

3.  No, I am not "restarting" unless you have an idea of what the problem actually is

Official Employee

 • 

646 Messages

3 months ago

@user_6vdjgz Hello and good afternoon. Thanks for posing and sharing your experience with the community. We appreciate it and are happy to assist. We are a team of experts that you can count on to ensure your internet is working. We all work from home, and know it is vital to have a good connection. Thanks for the troubleshooting so far, you may need to actually reboot the modem and also your internet devices so everything has the latest patches and updates successfully. What devices is this happening on? List the devices, their operating systems, and their latest OS version numbers so we can proceed. 

6 Messages

@XfinityBenny​ I have tried rebooting at least a dozen times - this includes the gateway, the router, and all devices.  The last attempt at rebooting everything was yesterday.  As I said in my post, I am NOT interested in simply rebooting everything again hoping some fix happens.

This internet redirect problem happens on all devices across apple, android, and PC, when they are connected to the network.  It did not happen with my previous Xfinity gateway that I was forced to replace a couple months ago when I renewed my service contract.  Unfortunately, tech support seems to always default to this being a "connectivity issue" but it is NOT.  I have a good connection, all services are working, but the problem is isolated to internet and this random yet frequent (5-10% of the time) redirect to the page stated above.  It is not isolated to any particular internet pages (i.e. it just happened on Amazon) and appears completely random.  

Please help me identify and fix this very specific problem - attempting to go to a website and 5-10% of the time getting a warning that "This Connection is Not Private" stating there is an invalid security certificate, having the security certificate from "susi.comcast.net" and a redirect to a "Welcome to Xfinity" site telling you to download the app and activate internet.   

Official Employee

 • 

2.4K Messages

Thanks for those additional details. Are you using a firewall at all? What browser are having issues with accessing the websites on? Here is a link to help with some security settings on your Xfinity modem, https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security.

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

1 Message

2 months ago

I am seeing the same issue. Please share info if this was resolved. Thanks. 

Official Employee

 • 

1.4K Messages

Hi there, @user_ofjaq0 I'm very sorry for the trouble you are having with your service. Since it's been a few days since you last posted, are you still having the same errors, if so please don't hesitate to reach back out.-Richard

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

6 Messages

@user_ofjaq0​ This was NOT resolved.  Matter of fact, I had to restart my computer twice just to get past the error to these forums.  Still no one can tell me what this redirect error is, but it is new since the gateway was replaced by Xfinity.  I've tried everything with countless restarts, network settings, firewall adjustments, turning off firewall, and everything else.  The error is on all devices including Apple, Android, and Windows.  Adjusting the security settings has not fixed the issue.  

Honestly I'm frustrated with Xfinity for just telling me to "restart" every time I called so I have just about given up.  Because the gateway they made me trade in did not have these issues, my best guess is a hardware issue?  That doesn't make sense, but maybey I'll go into Xfinity and make them replace the gateway.

Official Employee

 • 

1.1K Messages

 

user_6vdjgz Were you able to get your modem replaced to see if this error keeps coming up?

 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

6 Messages

@XfinityShawn​ I have not had time to do that yet.  Issue is still occurring.  

1 Message

2 months ago

I am having the same issue after installing a new modem from Comcast. Before setup every site visited was being redirected to 'https://susi.comcast.net'. The same access issue was happening during setup because my phone was connected to my router which was getting its internet access through the modem. This resulted in the setup failing until I disconnected from my WiFi and used my cell data to finish the setup. Even after setup some sites would load, but then there are many that would not with an error about the certificate being invalid.

I work in DevOps and after researching the issue a little bit it looks like Comcast has set up something on the modem/gateway that is trying to be helpful in redirecting traffic from your network to their webpage to prevent network access until you to open the xfinity mobile app to finish setting up the modem/gateway. The site it redirects to 'https://susi.comcast.net' is not one that can be found on the web because it does not exist publicly and is only accessible when the modem/gateway has a control of where to send this traffic. I am imagining that this protects a modem from working for just anyone who may decide to take the device and try to use it elsewhere. The extra layer of issues here is that the certificate for the domain is issued by Comodo which may or may not be a certificate authority that your computer's system or browser recognizes. 

There are other factors that contribute to this redirect still happening after setup that could be related to browser cert stores, cache, and operating system cert stores, but I won't go into all of those and put everyone to sleep.

To resolve the certificate error part of the issue you will need to add the root certificate from Comodo to your system certificate/keychain. You can see the certificate authority for the cert by viewing the certificate details in your browser. I use Chrome and I would provide a screenshot but the WYSIWYG editor is not allowing it. Click on the 'Not Secure' icon or button to the left of the domain name in the URL/Address bar. Select to view the certificate details. And then go to the details tab to view the certificate chain with susi.comcast.net at the bottom and the certificates that lead back to the root authority.

You can save the root authority for Comodo and import it into your system certificate stores, or you can go to the Comodo website and download the root certificate authority files from them.

The reason this is not a consistent issue for all users is because it depends on the individual system's trusted certificate authorities and if it has the specific Comodo certificate authority file installed. This will allow your sites to finish the redirect without getting hung up on a cert error, but Comcast will need to address issues when the page is still loading even after setup is completed.

6 Messages

Thank you!  I understood maybe 1/3 of that, but it does sound logical in that it is an Xfinity “tool” on the new gateway that wasn’t on the old one.  That also might explain why I was forced to trade in my old gateway because of this new “tool”.  I’ll see if I can follow your directions well enough to fix the issue, but I’m very appreciative of someone finally having a specific theory here!

forum icon

New to the Community?

Start Here