×

Switch Account

The server you are connected to is using a security certificate that CAN NOT BE VERIFIED.

The server you are connected to is using a security certificate that CAN NOT BE VERIFIED.

SOLVED
Reply
Highlighted
Contributor EmilyGPS
Contributor
Posts: 1
Registered: ‎10-14-2013

I am having the same issue with the certificate error - this started about a week ago if not a bit longer -  and I am one of those using the Yahoo portal.  It sounds like there is nothing we "users" can do; this has to be fixed by Yahoo or Verizon folks.  Is that where this discussions stands?

Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 145
Registered: ‎09-02-2010

Are you installing the Outlook 2007 updates? We get them all the time and yet we have Outlook 2003 I wonder if they are not part of the problem.

 

The issues began about the time of the updates from MS.

Highlighted
Copper Contributor Beelzy
Copper Contributor
Posts: 9
Registered: ‎09-11-2010

I finally took some time to look at the certificate chain here, and found the problem/solution.  The fundamental problem is a missing intermediate CA.  We all have the root CA, but we're missing the intermediate.  I realized that I had the intermediate CA in Firefox, and exported it, then imported it for IE/Outlook to use.  This resolved the issue since it completes the CA chain.  I do not know how most users are supposed to find and import this intermediate CA since it does not automatically come from Microsoft.  See below for the complete certificate chain:

 

ROOT (we all probably have this root CA)

Subject:
CN = Baltimore CyberTrust Root
OU = CyberTrust
O = Baltimore
C = IE
Issuer:
CN = Baltimore CyberTrust Root
OU = CyberTrust
O = Baltimore
C = IE

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 

INTERMEDIATE (most users are probably missing this intermediate CA)

Subject:
CN = Cybertrust Public SureServer SV CA
O = Cybertrust Inc
Issuer:
CN = Baltimore CyberTrust Root
OU = CyberTrust
O = Baltimore
C = IE

 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 

LEAF (so Outlook is seeing this certificate and can't find the issuer intermediate CA)

Subject:

CN = outgoing.yahoo.verizon.net
OU = Messaging
O = Verizon Data Services LLC
L = Grapevine
S = Texas
C = US

Issuer:

CN = Cybertrust Public SureServer SV CA
O = Cybertrust Inc

 

 

 

Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 145
Registered: ‎09-02-2010

Is this something we can fix ourselves? That must sound stupid, I just don't know enough and had to ask.

Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 4,437
Registered: ‎12-16-2012
Message 25 of 47
(22,417 Views)

@Beelzy wrote:

It is not an issue with a missing root provider.  And the certificate is owned by Verizon, not Yahoo.  And people need to stop discussing non-SSL and non-VerizonYahoo settings in this thread.  As I said many posts above, it  appears that the certificate itself is invalid. 

 

Issuer:

CN = Cybertrust Public SureServer SV CA
O = Cybertrust Inc

 

Valid From:

‎Tuesday, ‎August ‎06, ‎2013 3:47:49 PM

 

Valid To:

‎Tuesday, ‎October ‎06, ‎2015 12:10:54 AM

 

Subject:

CN = outgoing.yahoo.verizon.net
OU = Messaging
O = Verizon Data Services LLC
L = Grapevine
S = Texas
C = US

 

Key Usage: (this appears to be a problem)

Digital Signature, Key Encipherment (a0)

 

This certificate chain appears to be processing and ending with this certificate at the root (no higher level certificate in the path).


Certificate chain doesn't end threre, but why the processing doesn't complete is a question.  It clearly has Cybertrust Public SureServer SV CA as the issuer, and should be processing that chain.  The intermediate should not have to be manually loaded, but can be as I see you say you did in another thread.  Note a possible solution, which I don't recommend the faint of heart trying is to delete the root certificate for cybertrust and see if the chain will than properly load as it should on a Windows Vista or Windows 7 machine.

 

ps:  Note which email client's have this problem.  Some manage there own certificates and may need certificate update. Several CYBERTRUST certificates recently expired, so if you have one that is expired you may need to install the updates.  Not sure the best source, perhaps Microsoft Certificate Store, perhaps from Cybertrust itself.

Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 145
Registered: ‎09-02-2010
Message 26 of 47
(22,401 Views)

I understand your concern, however Verizon needs to understand this is a great inconvenience to many paying customers of Verizon and Fios.

 

The Certificate is being read as a Fraudulent Certificate in its properties. There is no way a client or paying customer can correct this themselves.

 

I understand your security concerns and try to understand ours.

 

A Verizon Tech remotely reset our ports and SSL options so our email worked however he never told us or explained it was now AN UNSECURED email service.

 

That is just swell! Our security was compromised by a Verizon Tech who we trusted to correct of fix our email.

 

Again I understand your security issues.Then please understand until I posted on here we were converted to an unsecured email service by a Verizon Tech and WE HAD NO IDEA this had been done. 

 

WHO KNOWS WHAT KIND OF PROBLEMS AND ISSUES WE WOULD HAVE ENCOUNTERED as a result of this known problem that has not been corrected or addressed until we brought it up here.

 

Some other services have failed to protect their clients and security and it made the media. Google has been in several articles and publications for a similar issue. 

 

Verizon has been the best ISP we ever had it would be sad to think Verizon is compromising its service and security to its clients to safe money.  

 

 

Highlighted
Contributor zeroday1
Contributor
Posts: 3
Registered: ‎12-09-2012
Message 27 of 47
(22,405 Views)

Customer's Beware!    Smiley Sad

 

Verizon email server's are riddled with bad certificate warnings within multiple browsers...

 

Verizon's {please keep your posts courteous} support staff would rather 'save face' than admit there is a problem with the site...

 

Verizon telling customer's that its a problem with their pc's when clearly each browser warning I've gotten specifically states that it is a problem with the site using bad ssl certificate, invalid, etc...

 

These warnings have popped up within the latests versions of Firefox, Internet Explorer, and Comodo Dragon...

 

Verizon won't even acknowledge their is a problem unless your complaint hits the spotlight...

 

If enough formal complaints are made, that just might prompt Verizon to actually get up off that "warrior-arm-chair" of theirs' and crack the whip on their own technicians to be more on top of these major security issues, rather than simply assigning blame to end-users because they're too big for their own good, too busy to address concerns about how their servers incorrectly interact with the most popular and most trusted browsers on the net...

 

Stop pretending there is not an issue with the website...Intead just figure out the problem and please just fix it already!!!   Smiley Mad

 

 

ATTN:  Customers 

 

In most instances, this will not be a problem with your computers or that they have a bad certificate...rather it is a problem with Verizon's website and how they obtain and update their certificates, of which we have yet to see them fix...   Smiley Frustrated

 

Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 145
Registered: ‎09-02-2010
Message 28 of 47
(22,361 Views)

Zeroday1,

 

Nicely stated, like a many of us we just don't visit or count on one forum. The Verizon Certificate is being brought up and discussed all over the WWW.

 

It is no secret now, what has been shared here and the fact THERE HAVE BEEN NO RESULTS OR RESOLUTION from Verizon is spreading as fast as the WWW can tell a story. 

 

This is going to impact Verizon in ways they would not want to go, their complete lack of help, answers, resolution is alien to all their Customer Service Commercials on all the national medias.

 

It is no secret, THE WORD IS OUT ON MANY FORUMS, the only way they can fix their bad public image and poor public service is to fix the Certificate and soon.

 

"The Certificate is being read as a Fraudulent Certificate in its' properties. There is no way a client or paying customer can correct this themselves."

 

Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 145
Registered: ‎09-02-2010
Message 29 of 47
(22,354 Views)

I just was sent this link, several people found it and forwarded to us. People were complaining to Verizon already in 2011 about the Security Certificate, and have been complaining for at least 2 years.

 

http://forums.verizon.com/t5/Verizon-net-Email/Security-Certificate-Errors/td-p/312677

Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 4,437
Registered: ‎12-16-2012
Message 30 of 47
(22,329 Views)

@Friendly wrote:

I just was sent this link, several people found it and forwarded to us. People were complaining to Verizon already in 2011 about the Security Certificate, and have been complaining for at least 2 years.

 

http://forums.verizon.com/t5/Verizon-net-Email/Security-Certificate-Errors/td-p/312677



If Beelzy's posts are right, then the error is on your Computer.  The Verizon certificate is valid, and its your computer that is missing the necessary certificates  (intermediate/root) to verify the Certificate.  Note I am not having the problem using windows live mail and Thunderbird. 

 

As noted for some other non-verizon posts getting similar errors at least one of the root/intermediate Certificates for Cybertrust expired in August.  New ones were issued quite awhile ago but perhaps Outlook 2003 is not updating, and XP users need to update there's to at least this years Microsoft Root certificate package.

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.


Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.