google is blocking acces to the ISC2 web sites

MikeGlassman · ‎11-16-2020

Morning all,

Getting a certificate error issue when connecting to the web site.

Chrome completly blocks the access due to HSTS issues:

"You cannot visit www.isc2.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

IE allows access but warns that the certificate is invalid.

FireFox allows the connection with no message at all.

Could be a bug if it was just one, but when two give the same issue, then somethings up.

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man

CraginS · ‎11-16-2020

@MikeGlassman wrote:
Morning all,

Getting a certificate error issue when connecting to the web site.

Chrome completly blocks the access due to HSTS issues:

"You cannot visit www.isc2.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

IE allows access but warns that the certificate is invalid.

Mike,

at 7:45 a.m. EST on Monday November 16 I am able to reach both www... and community... using Chrome on a fully updated Chromebook.

Chrome reports the validity period for the site certificate for community... as I type this note as

Issued On

Monday, September 21, 2020 at 7:00:00 PM

Expires On

Wednesday, December 2, 2020 at 6:00:00 AM

Strange to see a certificate period of less than three months.

and the validity period for www.isc2.org as

Issued On

Monday, April 20, 2020 at 7:00:00 PM

Expires On

Saturday, April 2, 2022 at 6:59:59 PM

That one makes more sense.

Craig

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts

AndreaMoore · ‎11-16-2020

@MikeGlassman

Thank you for letting us know! We are looking into this. What version of Chrome are you using?

ISC2 Community Manager

AndreaMoore · ‎11-16-2020

@MikeGlassman can you clear HSTS setting in your browser. Here is a guide we found on google - https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/

ISC2 Community Manager

tearainte · ‎11-16-2020

I'm a Goolger on a Google machine using Chrome browser. I'm having zero issues.

MikeGlassman · ‎11-17-2020

Hi,

I am using the latest version of google chrome 86.0.4240.198

The issue occurred (it seems to have been fixed now) on both Chrome and IE, so this was not just something that was chrome based.

It was odd, and not healthy, but since it seems to have been resolved, it's ok.

By the way, it was resolved without having to clear HSTS settings.

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man

AlecTrevelyan · ‎11-21-2020

@MikeGlassman

If you use Windows 10 and your system was upgraded recently (through Windows update) you might have fallen foul of this issue:

https://www.zdnet.com/article/windows-10-bug-certificates-lost-after-feature-upgrade-were-working-on...

Both Chrome and IE / Edge use the built-in Windows certificate store, so will be affected by any changes to certs in that store. Whereas Firefox (by default) uses its own certificate store. This could explain the behaviour you mention in your first post.

Anyway, glad it's all working for you now!

MikeGlassman · ‎11-22-2020

Hi @AlecTrevelyan ,

I am aware of this issue, but the WS I was using was a Windows 7 machine.

The issue also occurred on three other WS's, two 10, and one 7, so it was an all round issue.

But as I said, since it has resolved itself, it's not an issue anymore.

Mike

Sincerely,

Mike Glassman, CISSP
Iguana man