This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS scanning Web Protection SSL error ERR_CERT_COMMON_NAME_INVALID

After Google has updated Chrome to 58.0.3029.81 , we now have problems accessing websites google, yahoo, bing when SSL decryption and safe search is enabled.

We are getting the error below:

Your connection is not private

Attackers might be trying to steal your information from www.bing.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID

Adding an HTTPS Decryption exception for search engines is a workaround.

Anyone has the same problem ?

This thread was automatically locked due to age.

Parents

0 JohnFox over 8 years ago

I just started to have this problem when trying to access google.com

To verify that it was the XG firewall, I connected a computer directly to my cable modem and did not have any problem.

I tried to enter an exception but it does not seem to be working. Perhaps I entered it the wrong way or into the wrong place. Here is a screen-shot of what I enteredA

Here is what I see in chrome:

Your connection is not private

Attackers might be trying to steal your information from www.google.com (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID

Subject: *.c.docs.google.com

Issuer: Google Internet Authority G2

Expires on: Oct 19, 2017

Current date: Aug 3, 2017

PEM encoded chain:-----BEGIN CERTIFICATE-----
MIIJlzCCCH+gAwIBAgIISd7l7wMwLhowDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTcwNzI3MjMzNzAwWhcNMTcxMDE5MjMzNzAw
WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTKi5j
LmRvY3MuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMUe47qJtaj6sCLprbMb/WqLJnYaoEsjr5oXshq3AepEC3nXzCsGcJAuag5uDzRz
tlUxI7mfurYr+6KqaciMCGxsGmdpZoMCx+AYFRCSQgA52Vf0RX8pyhmFy/kbrIj5
YOFd5VKUh8whfyfUBGu+oRRLTU22TOsDvUxn4sGWIt0MVg03C3xOlj/UjmvupnOn
jg5mhc+Igs4IKcaFFfExEILymDUa+A4h6tlLrDGyC/ljV950x0LhAiRtv8stq1bG
tWziqDrW3+2RefKejylz7OdVRfV4NR0HPTg2h8Dz/qNkn2ZDzgS4NEtYI8GlGS9I
QgQ5Izztnhrhk3wPgaDsqQECAwEAAaOCBl0wggZZMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjCCBSkGA1UdEQSCBSAwggUcghMqLmMuZG9jcy5nb29nbGUu
Y29tghQqLmExLmdvb2dsZXZpZGVvLmNvbYIMKi5jLjJtZG4ubmV0ghsqLmMuYmln
Y2FjaGUuZ29vZ2xlYXBpcy5jb22CEyouYy5jaGF0Lmdvb2dsZS5jb22CJyouYy5k
b2MtMC0wLXNqLnNqLmdvb2dsZXVzZXJjb250ZW50LmNvbYIUKi5jLmRyaXZlLmdv
b2dsZS5jb22CEyouYy5nb29nbGV2aWRlby5jb22CFCouYy5pbmJveC5nb29nbGUu
Y29tghMqLmMubWFpbC5nb29nbGUuY29tghsqLmMub2ZmbGluZS5tYXBzLmdvb2ds
ZS5jb22CEyouYy5wYWNrLmdvb2dsZS5jb22CEyouYy5wbGF5Lmdvb2dsZS5jb22C
FCouYy52aWRlby5nb29nbGUuY29tgg8qLmMueW91dHViZS5jb22CGiouY2FjaGUx
LmMuZG9jcy5nb29nbGUuY29tghoqLmNhY2hlMS5jLnBsYXkuZ29vZ2xlLmNvbYIb
Ki5jYWNoZTEuYy52aWRlby5nb29nbGUuY29tghYqLmNhY2hlMS5jLnlvdXR1YmUu
Y29tghoqLmNhY2hlMi5jLmRvY3MuZ29vZ2xlLmNvbYIaKi5jYWNoZTIuYy5wbGF5
Lmdvb2dsZS5jb22CGyouY2FjaGUyLmMudmlkZW8uZ29vZ2xlLmNvbYIWKi5jYWNo
ZTIuYy55b3V0dWJlLmNvbYIaKi5jYWNoZTMuYy5kb2NzLmdvb2dsZS5jb22CGiou
Y2FjaGUzLmMucGxheS5nb29nbGUuY29tghsqLmNhY2hlMy5jLnZpZGVvLmdvb2ds
ZS5jb22CFiouY2FjaGUzLmMueW91dHViZS5jb22CGiouY2FjaGU0LmMuZG9jcy5n
b29nbGUuY29tghoqLmNhY2hlNC5jLnBsYXkuZ29vZ2xlLmNvbYIbKi5jYWNoZTQu
Yy52aWRlby5nb29nbGUuY29tghYqLmNhY2hlNC5jLnlvdXR1YmUuY29tghoqLmNh
Y2hlNS5jLmRvY3MuZ29vZ2xlLmNvbYIaKi5jYWNoZTUuYy5wbGF5Lmdvb2dsZS5j
b22CGyouY2FjaGU1LmMudmlkZW8uZ29vZ2xlLmNvbYIWKi5jYWNoZTUuYy55b3V0
dWJlLmNvbYIaKi5jYWNoZTYuYy5kb2NzLmdvb2dsZS5jb22CGiouY2FjaGU2LmMu
cGxheS5nb29nbGUuY29tghsqLmNhY2hlNi5jLnZpZGVvLmdvb2dsZS5jb22CFiou
Y2FjaGU2LmMueW91dHViZS5jb22CGiouY2FjaGU3LmMuZG9jcy5nb29nbGUuY29t
ghoqLmNhY2hlNy5jLnBsYXkuZ29vZ2xlLmNvbYIbKi5jYWNoZTcuYy52aWRlby5n
b29nbGUuY29tghYqLmNhY2hlNy5jLnlvdXR1YmUuY29tghoqLmNhY2hlOC5jLmRv
Y3MuZ29vZ2xlLmNvbYIaKi5jYWNoZTguYy5wbGF5Lmdvb2dsZS5jb22CGyouY2Fj
aGU4LmMudmlkZW8uZ29vZ2xlLmNvbYIWKi5jYWNoZTguYy55b3V0dWJlLmNvbYIR
Ki5nb29nbGV2aWRlby5jb22CDyouZ29vZ2xlemlwLm5ldIIKKi5ndnQxLmNvbYIV
Ki54bi0tbmdzdHItbHJhOGouY29tghN4bi0tbmdzdHItbHJhOGouY29tMGgGCCsG
AQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29tL0dJ
QUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5jb20v
b2NzcDAdBgNVHQ4EFgQU1C5ABgGHIvL85RoZVUznmnyc6i0wDAYDVR0TAQH/BAIw
ADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAhBgNVHSAEGjAYMAwG
CisGAQQB1nkCBQEwCAYGZ4EMAQICMDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9w
a2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcNAQELBQADggEBAEjc9ss6
d6YZATXT3DwlE7dpP25x2Yb6V9z8tbfpCON5tYmPiEQcAmGRBWqorKqROi5MrNeB
Z+E5NxDK9eOy8uN64kkMqs8VhPLaOiyNBGNWK/hkaOMxhD+FH5xVlXWZfSjJ2LyC
BhGdx+s5oZTiTQT/+zzrnzzCRmQoIGPmmxebM9TuIssPMZdDkEIqnwpk/m3EmQID
vYNusPM4m4oIyo+svBBFB4HLZ+PuYlMKnIZUgy8mmeS8w4nx+Ph1Gku6pQ9tws7C
1sPxDIwFRPfVoPu48iA3vEFu9jnKjImCmht7xlylAlmn5Xv2kF5yZEIzSPsiYlET
0mKk/LqPy5jmWNk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEKDCCAxCgAwIBAgIQAQAhJYiw+lmnd+8Fe2Yn3zANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE3MDUyMjExMzIzN1oXDTE4MTIzMTIzNTk1
OVowSTELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMT
HEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcKgR3XNhQkToGo4Lg2FBIvIk/8RlwGohGfuCPxfGJziHu
Wv5hDbcyRImgdAtTT1WkzoJile7rWV/G4QWAEsRelD+8W0g49FP3JOb7kekVxM/0
Uw30SvyfVN59vqBrb4fA0FAfKDADQNoIc1Fsf/86PKc3Bo69SxEE630k3ub5/DFx
+5TVYPMuSq9C0svqxGoassxT3RVLix/IGWEfzZ2oPmMrhDVpZYTIGcVGIvhTlb7j
gEoQxirsupcgEcc5mRAEoPBhepUljE5SdeK27QjKFPzOImqzTs9GA5eXA37Asd57
r0Uzz7o+cbfe9CUlwg01iZ2d+w4ReYkeN8WvjnJpAgMBAAGjggERMIIBDTAfBgNV
HSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1
dvWBtrtiGrpagS8wDgYDVR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEBBCIwIDAeBggr
BgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAw
NQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9i
YWwuY3JsMCEGA1UdIAQaMBgwDAYKKwYBBAHWeQIFATAIBgZngQwBAgIwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQDKSeWs
12Rkd1u+cfrP9B4jx5ppY1Rf60zWGSgjZGaOHMeHgGRfBIsmr5jfCnC8vBk97nsz
qX+99AXUcLsFJnnqmseYuQcZZTTMPOk/xQH6bwx+23pwXEz+LQDwyr4tjrSogPsB
E4jLnD/lu3fKOmc2887VJwJyQ6C9bgLxRwVxPgFZ6RGeGvOED4Cmong1L7bHon8X
fOGLVq7uZ4hRJzBgpWJSwzfVO+qFKgE4h6LPcK2kesnE58rF2rwjMvL+GMJ74N87
L9TQEOaWTPtEtyFkDbkAlDASJodYmDkFOA/MgkgMCkdm7r+0X8T/cKjhf4t5K7hl
MqO5tzHpCvX2HzLc
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
-----END CERTIFICATE-----

Automatically send some system information and page content to Google to help detect dangerous apps and sites. Privacy policy

ReloadHIDE ADVANCED

www.google.com normally uses encryption to protect your information. When Google Chrome tried to connect to www.google.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be www.google.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

You cannot visit www.google.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.
Cancel
Vote Up 0 Vote Down

Cancel
0 Rick Leslie over 8 years ago in reply to JohnFox

Hi John,

FWIW: I assume that you have installed the certificate for your firewall into Google Chrome?

It might be worth re-importing it in case the certificate has been regenerated on the firewall or corrupted on the computer.
Cancel
Vote Up 0 Vote Down

Cancel
0 JohnFox over 8 years ago in reply to Rick Leslie

Yes, I do have the certificate installed.

I think the problem was that the DNS server running on my domain controller got screwed up. I flushed the cache, rebooted my computer and all seems to be working now.

Thanks for the response.
Cancel
Vote Up 0 Vote Down

Cancel
0 Russell Harris over 8 years ago in reply to JohnFox

Thanks John for this idea. I cleared the cache on my DNS servers and the issue went away. I wasn't even scanning for HTTPS traffic.

Amazing that Sophos can't just tell us up straight the simple solution.

Thanks again,

RH
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Russell Harris over 8 years ago in reply to JohnFox

Thanks John for this idea. I cleared the cache on my DNS servers and the issue went away. I wasn't even scanning for HTTPS traffic.

Amazing that Sophos can't just tell us up straight the simple solution.

Thanks again,

RH
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 JohnFox over 8 years ago in reply to Russell Harris

My pleasure Russel.

Giving Sophos the benefit of the doubt, if they are unable to recreate the problem, I am sure it is very difficult for them to be able to figure out the cause of some problems, especially problems related to the environment in which their solution is running. That is why I wanted to share that resolution with the group, it really wasn't a problem with their software and having them look at their software may not have lead them to this solution.
Cancel
Vote Up 0 Vote Down

Cancel