Any one else getting this when trying to open P-411????

[Lindsay Lee]

I keep getting this message when trying to log into P-411. I know another provider is getting the same thing too. Anyone else?



The site's security certificate is not trusted!

You attempted to reach*www.preferred411.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Internet cannot rely on for identity information, or an attacker may be trying to intercept your communications.

You should not proceed,*especially*if you have never seen this warning before for this site.

Proceed anyway*Back to safety

[roadfun]

I logged into it just now and did not get the certificate error/warning.

[doug_dfw]

I think your security software had a update and dropped P411 certificate. If you proceed against the warning, we know P411 is secure. Likely you won't see that warning after you log on to P411 which will set up its certificate in your registry.

[Tetas]

^^^
+1

[Lindsay Lee]

Ok!!! Thanks so much!!!

XOXOXO!
;=)

[oldbutstillgoing]

It has nothing to do with your antivirus software. As long as its a site you know and trust go ahead. Its typically a timing issue of the site updating but has not yet synchronized with your browser

[Guest012316]

Just so you know, a certificate error could indicate that someone is intercepting your communications and pretending to be the website that you're trying to visit. I would not ever enter my login information if there's a certificate error. That would just be handing over your login information to a bad guy (or in this case, possibly the police, who are arguably not bad guys, but rather enforcing bad laws).

The error is often an innocent case of things not synching correctly, like OldButStillGoing indicated. But the whole reason we use certificates is to prevent bad guys from being able to step in between you and the website you want to go to with a fake website. This is often called a "man in the middle" cyber attack.

For normal people trying to connect to a non-financial website, I would say go ahead and trust it. For people that are particularly interested in not allowing people to intercept their communications, I would say do not connect to a website with a bad certificate.

[Hillbilly]

Check the time on your PC. If your PC time is not accurate it can cause all sorts of weird things to happen, and I've seen security certificates issues as a result. If it is off, just set it to the correct time and see if your problem goes away.

[phoenixfire_]

I had the same thing this morning!! I hopped out of my chrome browser and over to safari and ... It worked but that was weird

[Lindsay Lee]

It only happened on my Android. Did not come up on my PC.

[Luke Skywalker]

Quote:

Originally Posted by DFW_Loving

Just so you know, a certificate error could indicate that someone is intercepting your communications and pretending to be the website that you're trying to visit. I would not ever enter my login information if there's a certificate error. That would just be handing over your login information to a bad guy (or in this case, possibly the police, who are arguably not bad guys, but rather enforcing bad laws).

The error is often an innocent case of things not synching correctly, like OldButStillGoing indicated. But the whole reason we use certificates is to prevent bad guys from being able to step in between you and the website you want to go to with a fake website. This is often called a "man in the middle" cyber attack.

For normal people trying to connect to a non-financial website, I would say go ahead and trust it. For people that are particularly interested in not allowing people to intercept their communications, I would say do not connect to a website with a bad certificate.

^^^^^^^
Wise words.

The only way this would have been an innocent error was if the error you got was an "expired certificate" error. Other innocent errors: "domain name mismatch" - usually the error allows you to verify the mismatch. For example, the certificate is for www.website.com, but the domain name being accessed was www1.website.com. In innocent errors such as these if you trust the website., go ahead.

However, the error you got is NOT INNOCENT. That error means that the website has a certificate that probably was self-generated. Typical "man in the middle" attack. Unless, of course, P411 decided to generate their own certificate, which I don't believe they did. In fact , I just check and they didn't.

Don't go thru with it LL.

[Guest092216]

I got it yesterday on my phone, but I was at a stoplight not connected to any WiFi or anything. So how does that work then? A "middle man" was trying to intercept comm and get our passwords? Even on mobile devices? I have an android.

Thanks for all the input, guys. Learn something new everyday.

[Luke Skywalker]

The "man in the middle" here usually tries to change the DNS of a website to redirect the website to a different IP. It could also mean that someone hacked P411 and redirected it to another website.

It *could* have been a mistake by the P411 staff, to place a wrong certificate on their server.

Either way, if that was the case, I would imagine Gina would have posted something about it. So I don't think P411 was hacked nor made a mistake. Without investigating further I'm not sure what happened to both of you.

Bottom line is... if the "bad certificate" you get is because of a "not trusted authority", don't login. Other errors might be ok if you know what you're doing. If you are not sure ... don't login. Better safe than sorry.

[Guest092216]

Thanks, Luke.

I definitely don't know what I'm doing. Any info helps. And you're the man who knows.

Edit: Damn I logged in anyway yesterday and didn't get the error message this morning when I logged in but just noticed a little red icon in the address field of my browser so I clicked it and it said the connection isn't secure. Arrrg!!!

So I cleared the settings on the site and now the icon is yellow/gold. Does that mean it's safe?

[rexdutchman]

Do not log in till its fixed , hacking scam ????