How can I display content blocked by an invalid security certificate?
I am using Firefox 30.0 which I installed to replace IE8. I log in to my health insurance site. When I try to go to the Provider Directory Search (PDS), nothing happens. I thought the PDS might be a pop-up so I tried both making the web page a pop-up exception and then also just turning the pop up blocker off completely. Neither helped.
I then tried to access the same PDS page via IE8 and IE8 displayed a “Content was blocked because it was not signed by a valid security certificate” error page. Also, IE8 displayed a bar with options that allowed me to display blocked content regardless of the status of the security certificate. The PDS page then displayed.
I went back to FF30 and tried again. The PDS page did not display and no error message nor options bar was displayed. Next, I tried finding an option related to this problem. Options/Security had nothing for Security Certificates. Options/Advanced/Security seemed to deal with security certificates my copy of FF30 would provide to web sites and not the web sites certificates provided to me. I tried clicking on the “lock” icon of the page from which I should be transferred to the PDS page. The security certificate information displays but I could not see any option that would help me and this is the security certificate from the previous page anyway and not the PDS page that is being blocked.
If I could just get a Security Certificate error to display, I was hoping I would then be given the option of displaying the blocked content anyway. Without even an FF30 error condition being displayed (as does IE8), I am unable to proceed.
Ideas about what to try would be greatly appreciated. Thanks, Claude
Ñemoĩporã poravopyre
After saving the exception, it should appear in the Options/Preferences dialog here:
Windows: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab
Mac: "3-bar" menu button (or Firefox menu) > Preferences > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab
Ignore the ones that have "*" in the server column. Those generally are built-in certificate blocks.
Emoñe’ẽ ko mbohavái ejeregua reheve 👍 0Opaite Mbohovái (14)
URL of that insurance website is? I'd like to take a look at that issue first hand.
Sorry I didn’t provide the URL the first time.
This is where I start my login https://www.uhcretiree.com/
I end up on this site but, of course, I am logged into my personal account. https://member.uhcmedicaresolutions.com/guest/home.html
I noticed that there is a link on https://www.uhcretiree.com/ to search providers BEFORE being logged in. Remarkably, this link works just fine. It is only AFTER I am logged in and attempt to use the links provided for my personal account am I unable to display the PDS page.
From my experience in IE8 where I can get the PDS page to display from within my account, it is pretty clear that the page accessed from the links in personal accounts is different than the page accessed from https://www.uhcretiree.com/ without being logged into any personal account.
I guess my problem is solved in that I can access the PDS somehow but I would still like to access it from within my personal account. I am certain other pages fail in the same way inside my personal account. I am concerned that other web sites may have the same problem.
Sorry I can't find a representative of the page that fails outside my account.
Claude
You can inspect the certificate chain via a site like this:
I was able to find the URL of the page that will not display in FF30 by using IE8 and over-riding the Security Certificate error. The report is below including the URL of the offending page which is:
https://epcp-prod-e-eprovider.uhc.com/uhcms_eps_group.html
There is no surprise that this page has a securitry certificate error. The real question is why won't FF30 display an error message and then let me over-ride the Security Certificate to display the blocked content. Note my comments below since the cut&paste didn't transfer everything.
Error while checking the SSL Certificate!!
The SSL Certificate we found on this site is not meant for epcp-prod-e-eprovider.uhc.com/uhcms_eps_group.html, probably this is another site on the same server.
We advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website.
- No Heart Bleed vulnerability! - SSL Certificate is not expired - Site is not listed in the certificate This is displayed with a warning. - Organisation details are listed - Encryption strength is at least 2048-bit - Signature Algorithm is strong - Accepting only high encryption cipher suites
- No connection upgrade to 128-bit for old browsers - No Extended Validation on company details These are grayed.
- No Debian weak key present - No known security issues for this Certificate Authority
General info
The SSL Certificate for epcprod-e.uhc.com is signed by COMODO High-Assurance Secure Server CA wich is signed by AddTrust External CA Root wich is signed by AddTrust External CA Root . The SSL Certificate will expire on Thursday 25 September 2014 this means it is still valid for 73 days.
Send me a reminder when this SSL Certificate is about to expire.
Hi TrainClaude, are you saying that the third section of the error page (see below) is missing from the error page you get? Or that none of the error page displays?
If that section is missing this typically indicates that the page is framed. Right-click the error page and choose This Frame > Open Frame in New Tab to get the standard error page. This allows you to see the true URL of the framed page before making a decision to grant an exception.
If the page is not shown it could be that the browser is requesting that content in a background (AJAX) request. I'm not aware of a similar workaround in that situation.
No error page is displayed, none at all.
Sounds like it is not an ordinary link. If you try to force it into a new tab using Ctrl+click or middle-click (using the scroll wheel on a mouse) on the link, will it open?
When I Ctrl-Click on the link, a new tab is opened but it remains blank. The tab itself is titled javascript.epsSearch.init('GROUP');
It is usually not possible to open such JavaScript links in a new tab by middle-clicking the link or otherwise (Ctrl left-click) because the tab opens and there is no longer access to the script on the opener tab and you get an empty tab instead. You can only left-click links that have onclick JavaScript code tied to it.
Hmm, that's what I feared. The link action is to run a script, and Firefox apparently is detecting the certificate problem while it is trying to run that script. Instead of showing the new page anyway with a certificate error, it is halting earlier for some reason.
In this case, you can create an exception because you know the problem URL already. But if you didn't have that, I don't know how you would work around it.
Can you tell me where I create this exception? I found several exception lists in FF30 but none seem (to me, anyway) to be the list I need. Thanks.
I think the only convenient way is to load the URL directly and use the built-in Add Exception button on the page. Since you know the URL of the problem site, that should take care of it.
Otherwise, I don't know how you associate the problem certificate with the correct site in the Certificate store.
Ñemoĩporã poravopyre
After saving the exception, it should appear in the Options/Preferences dialog here:
Windows: "3-bar" menu button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab
Mac: "3-bar" menu button (or Firefox menu) > Preferences > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab
Ignore the ones that have "*" in the server column. Those generally are built-in certificate blocks.
Thanks jscher2000! That worked fine. Thanks to all of you.
I noticed that a portion of the "Contact" page, that portion with the actual contact information is displayed in IE8 but not in FF30. Because it is only a portion of a page, I don't know how I'd know in other cases. I'll try the same procedure on this one if I can find the URL for the portion of the Contact page that does not appear. No error from either IE8 or FF30. If I determine it is a different problem, I'll post a new question.
When I checked this on IE8, the only contact information for UHC's web site problems was a phone number and I can't hear very well. No email and no chat. I guess I am not impressed with United Health Care's web site.