cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
MikeGlassman
Contributor II

google is blocking acces to the ISC2 web sites

Morning all,

 

Getting a certificate error issue when connecting to the web site.

 

Chrome completly blocks the access due to HSTS issues:

 

"You cannot visit www.isc2.org  right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

 

IE allows access but warns that the certificate is invalid.

 

FireFox allows the connection with no message at all.

 

Could be a bug if it was just one, but when two give the same issue, then somethings up.

 

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man
7 Replies
CraginS
Defender I


@MikeGlassman wrote:

Morning all,

 

Getting a certificate error issue when connecting to the web site.

 

Chrome completly blocks the access due to HSTS issues:

 

"You cannot visit www.isc2.org  right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

 

IE allows access but warns that the certificate is invalid.

 


Mike,

at 7:45 a.m. EST on Monday November 16 I am able to reach both www... and community... using Chrome on a fully updated Chromebook. 

Chrome reports the validity period for the site certificate for community... as I type this note as 

Issued On
Monday, September 21, 2020 at 7:00:00 PM
Expires On
Wednesday, December 2, 2020 at 6:00:00 AM
 
Strange to see a certificate period of less than three months.
 
and the validity period for www.isc2.org as
Issued On
Monday, April 20, 2020 at 7:00:00 PM
Expires On
Saturday, April 2, 2022 at 6:59:59 PM
 
That one makes more sense.
 
Craig
 
D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
AndreaMoore
Community Manager

@MikeGlassman 

 

Thank you for letting us know! We are looking into this. What version of Chrome are you using?




ISC2 Community Manager
AndreaMoore
Community Manager

@MikeGlassman  can you clear HSTS setting in your browser. Here is a guide we found on google - https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/




ISC2 Community Manager
tearainte
Viewer

I'm a Goolger on a Google machine using Chrome browser. I'm having zero issues.
MikeGlassman
Contributor II

Hi,

 

I am using the latest version of google chrome 86.0.4240.198

 

The issue occurred (it seems to have been fixed now) on both Chrome and IE, so this was not just something that was chrome based.

 

It was odd, and not healthy, but since it seems to have been resolved, it's ok.

 

By the way, it was resolved without having to clear HSTS settings.

 

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man
AlecTrevelyan
Community Champion

@MikeGlassman 

 

If you use Windows 10 and your system was upgraded recently (through Windows update) you might have fallen foul of this issue:

 

https://www.zdnet.com/article/windows-10-bug-certificates-lost-after-feature-upgrade-were-working-on...

 

Both Chrome and IE / Edge use the built-in Windows certificate store, so will be affected by any changes to certs in that store. Whereas Firefox (by default) uses its own certificate store. This could explain the behaviour you mention in your first post.

 

Anyway, glad it's all working for you now!

 

MikeGlassman
Contributor II

Hi @AlecTrevelyan ,

 

I am aware of this issue, but the WS I was using was a Windows 7 machine.

 

The issue also occurred on three other WS's, two 10, and one 7, so it was an all round issue.

 

But as I said, since it has resolved itself, it's not an issue anymore.

 

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man