Bitcoin Forum
December 04, 2016, 10:20:01 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Dwolla's SSL certificate has been revoked  (Read 5244 times)
rate5
Full Member
***
Offline Offline

Activity: 147


PGP 0x28F5EC01


View Profile WWW
July 22, 2012, 02:04:49 AM
 #1

Anyone else getting a "certificate has been revoked" message when they visit https://www.dwolla.com ?


Buy domain names with Bitcoin!  domains4bitcoins.com  - Free Privacy Protection, DNS, Domain Forwarding, Mail Forwarding, & Domain Theft Protection!  Cool
1480846801
Hero Member
*
Offline Offline

Posts: 1480846801

View Profile Personal Message (Offline)

Ignore
1480846801
Reply with quote  #2

1480846801
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
finkleshnorts
Sr. Member
****
Offline Offline

Activity: 336



View Profile
July 22, 2012, 02:05:54 AM
 #2

yep
eleuthria
Legendary
*
Offline Offline

Activity: 1750


BTC Guild Owner


View Profile WWW
July 22, 2012, 02:06:41 AM
 #3

Not getting that warning on my end, using Chrome.  Certificate signed by VeriSign, and valid thru June 2013.

R.I.P. BTC Guild, 2011 - 2015.
BTC Guild Forum Thread
Gladamas
Sr. Member
****
Offline Offline

Activity: 294


Bitcoin today is what the internet was in 1998.


View Profile
July 22, 2012, 02:06:53 AM
 #4

Hmm. I'm in Washington State, U.S.A., it seems fine here. Using Chrome on Windows 7.

1GLADMZ5tL4HkS6BAWPfJLeZJCDHAd9Fr3 - LQ6Zx8v7fHVBiDX5Lmhbp6oEDB7dUFjANu
GPG 0xF219D5BB3C467E12 - Litecoin Forum
BCB
CTG
VIP
Legendary
*
Offline Offline

Activity: 966


BCJ


View Profile
July 22, 2012, 02:08:02 AM
 #5

Not getting that warning on my end, using Chrome.  Certificate signed by VeriSign, and valid thru June 2013.

Only on Firefox

"Peer's Certificate has been revoked."

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:08:53 AM
 #6

I'm getting the error here on Chrome(latest version and proper fucking settings  Kiss )  win 7 64  and on IE9 and in Firefox 14.01;

Secure Connection Failed
        
          An error occurred during a connection to www.dwolla.com.

Peer's Certificate has been revoked.

(Error code: sec_error_revoked_certificate)

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
EnergyVampire
Full Member
***
Offline Offline

Activity: 210



View Profile
July 22, 2012, 02:10:25 AM
 #7

I'm getting revoked certificate on FireFox & Opera.

rate5
Full Member
***
Offline Offline

Activity: 147


PGP 0x28F5EC01


View Profile WWW
July 22, 2012, 02:11:30 AM
 #8

Not getting that warning on my end, using Chrome.  Certificate signed by VeriSign, and valid thru June 2013.

Looks like some versions of Chrome no longer check revoked SSL certificates:

https://www.computerworld.com/s/article/9224078/Google_Chrome_will_no_longer_check_for_revoked_SSL_certificates_online

Buy domain names with Bitcoin!  domains4bitcoins.com  - Free Privacy Protection, DNS, Domain Forwarding, Mail Forwarding, & Domain Theft Protection!  Cool
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:17:15 AM
 #9

Not getting that warning on my end, using Chrome.  Certificate signed by VeriSign, and valid thru June 2013.

Looks like some versions of Chrome no longer check revoked SSL certificates:

https://www.computerworld.com/s/article/9224078/Google_Chrome_will_no_longer_check_for_revoked_SSL_certificates_online

aye, it does not check revokes in real time any more, but should update the list of revokes if you have the updates on in Chrome..

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:19:53 AM
 #10

strange there is nothing popping up on google about it. Anyone check the CA server, etc? Is it a fluke or Dwolla being hacked or what?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
ArticMine
Legendary
*
Offline Offline

Activity: 1792


Monero Core Team


View Profile
July 22, 2012, 02:23:44 AM
 #11

Yes verified on Firefox 14.01 (Ubuntu 12.04)
IE 9 (Windows 7)
GNOME Web Browser 2.22.2 (gNewSense 2.3)

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
July 22, 2012, 02:23:54 AM
 #12

From Symantic/Verisign:

www.dwolla.com is successfully secured by an SSL certificate. The following certificates are correctly installed:
 ------Certificate 1------ --Issued To-- Organization: Dwolla Corp. Organizational Unit: Terms of use at www.verisign.com/rpa (c)05 Organizational Unit 2: Online Services Common Name: www.dwolla.com Locale: Des Moines, Iowa Country: US  --Issued By-- Organization: VeriSign,, Inc. Organizational Unit: Terms of use at https://www.verisign.com/rpa (c)06 Organizational Unit 2: VeriSign Trust Network Common Name: VeriSign Class 3 Extended Validation SSL SGC CA Country: US  Valid from Mon Jun 20 20:00:00 EDT 2011 to Thu Jun 20 19:59:59 EDT 2013 Serial Number (hex): 2b2cb56f093c54a0f949376955ebc220 -------------------------  -
-----Certificate 2------ --Issued To-- Organization: VeriSign,, Inc. Organizational Unit: Terms of use at https://www.verisign.com/rpa (c)06 Organizational Unit 2: VeriSign Trust Network Common Name: VeriSign Class 3 Extended Validation SSL SGC CA Country: US  --Issued By-- Organization: VeriSign,, Inc. Organizational Unit: (c) 2006 VeriSign,, Inc. - For authorized use only Organizational Unit 2: VeriSign Trust Network Common Name: VeriSign Class 3 Public Primary Certification Authority - G5 Country: US  Valid from Tue Nov 07 19:00:00 EST 2006 to Mon Nov 07 18:59:59 EST 2016 Serial Number (hex): 2c48dd930df5598ef93c99547a60ed43 -------------------------
 ------Certificate 3------ --Issued To-- Organization: VeriSign,, Inc. Organizational Unit: (c) 2006 VeriSign,, Inc. - For authorized use only Organizational Unit 2: VeriSign Trust Network Common Name: VeriSign Class 3 Public Primary Certification Authority - G5 Country: US  --Issued By-- Organization: VeriSign,, Inc. Organizational Unit: Class 3 Public Primary Certification Authority Country: US  Valid from Tue Nov 07 19:00:00 EST 2006 to Sun Nov 07 18:59:59 EST 2021 Serial Number (hex): 250ce8e030612e9f2b89f7054d7cf8fd ------------------------- 


On another note...
"Dwolla.com wants to track your physical location."

... That's new for me.

Don't mix your coins someone said isn't legal
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
July 22, 2012, 02:24:43 AM
 #13

I was literally just about to get around to deleting my account. It was the first time I visited the page in months. They sensed it.
EnergyVampire
Full Member
***
Offline Offline

Activity: 210



View Profile
July 22, 2012, 02:30:30 AM
 #14

strange there is nothing popping up on google about it. Anyone check the CA server, etc? Is it a fluke or Dwolla being hacked or what?

Sounds like the "disruptor" is getting disrupted. Tongue

Dwolla hasn't commented on Twitter either, their last comment was about 1 hour ago.

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:32:01 AM
 #15

Could it just be that the OCSP server is down and not able to check it?  Not sure what OCSP servers there are or whether your browser has predefined ones it would sue or the site would point to one though....

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 22, 2012, 02:35:02 AM
 #16

Could it just be that the OCSP server is down and not able to check it?  Not sure what OCSP servers there are or whether your browser has predefined ones it would sue or the site would point to one though....
No, because an OCSP error is usually a softfail, and will be noted as OCSP unreachable. This error means that specific action has been taken to revoke the certificate.

Wonder if a hacker broke in.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:50:06 AM
 #17

Could it just be that the OCSP server is down and not able to check it?  Not sure what OCSP servers there are or whether your browser has predefined ones it would sue or the site would point to one though....
No, because an OCSP error is usually a softfail, and will be noted as OCSP unreachable. This error means that specific action has been taken to revoke the certificate.

Wonder if a hacker broke in.

rgr.

Since Symantic/Verisign list Dwolla has having a valid cert, what is the cert that is getting check and reporting as being revoked? Anyone able to grab the cert that is there now?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 22, 2012, 02:55:45 AM
 #18

Could it just be that the OCSP server is down and not able to check it?  Not sure what OCSP servers there are or whether your browser has predefined ones it would sue or the site would point to one though....
No, because an OCSP error is usually a softfail, and will be noted as OCSP unreachable. This error means that specific action has been taken to revoke the certificate.

Wonder if a hacker broke in.

rgr.

Since Symantic/Verisign list Dwolla has having a valid cert, what is the cert that is getting check and reporting as being revoked? Anyone able to grab the cert that is there now?
That's what's confusing me; I manually downloaded the most recent CRL and I couldn't find Dwolla's serial number in there. I don't know if it's possible for "just anyone" to revoke a certificate; I was under the impression that the issuer had to do so. The CRL distribution point should be http://evintl-crl.verisign.com/EVIntlT1.crl (I think). EDIT: It's http://EVIntl-crl.verisign.com/EVIntl2006.crl

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 02:58:44 AM
 #19

Could it just be that the OCSP server is down and not able to check it?  Not sure what OCSP servers there are or whether your browser has predefined ones it would sue or the site would point to one though....
No, because an OCSP error is usually a softfail, and will be noted as OCSP unreachable. This error means that specific action has been taken to revoke the certificate.

Wonder if a hacker broke in.

rgr.

Since Symantic/Verisign list Dwolla has having a valid cert, what is the cert that is getting check and reporting as being revoked? Anyone able to grab the cert that is there now?
That's what's confusing me; I manually downloaded the most recent CRL and I couldn't find Dwolla's serial number in there. I don't know if it's possible for "just anyone" to revoke a certificate; I was under the impression that the issuer had to do so. The CRL distribution point should be http://evintl-crl.verisign.com/EVIntlT1.crl (I think). EDIT: It's http://EVIntl-crl.verisign.com/EVIntl2006.crl


Verisign shows it as revoked; https://securitycenter.verisign.com/celp/enroll/searchCertDetails?issuerSerial=027604bed5c781846325897410d66ecc&application_locale=VRSN_US

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 22, 2012, 03:01:34 AM
 #20

Link doesn't work for me; Serial that I have is ‎2b 2c b5 6f 09 3c 54 a0 f9 49 37 69 55 eb c2 20 Huh

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!