Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NET::ERR_CERT_DATE_INVALID when accessing https://www.openttd.org/ (even with synchronized time) #6975

Closed
James103 opened this issue Nov 22, 2018 · 2 comments
Closed

NET::ERR_CERT_DATE_INVALID when accessing https://www.openttd.org/ (even with synchronized time) #6975

James103 opened this issue Nov 22, 2018 · 2 comments

Comments

@James103
Copy link
Contributor

Google Chrome 70.0.3538.102 (Official Build) (32-bit) (cohort: Stable) running on Windows 7 Ultimate outputs a error "NET::ERR_CERT_DATE_INVALID" when you try to access https://www.openttd.org/.

According to the error details, the certificate on https://www.openttd.org/ has probably expired.

Reproduction steps:

  1. Synchronize the computer clock with the server clocks (I've tried all 5 servers: time.windows.com (works), time.nist.gov (works), time-nw.nist.gov (timed out), time-a.nist.gov (works), and time-b.nist.gov (works))
  2. Try to access https://www.openttd.org/ (Note: http redirects to https here)
  3. An error is returned with the following text:

"Your connection is not private - Attackers might be trying to steal your information from www.openttd.org (for example, passwords, messages, or credit cards). - NET::ERR_CERT_DATE_INVALID"

Clicking the 'Advanced' button shows the following text underneath:

"www.openttd.org normally uses encryption to protect your information. When Google Chrome tried to connect to www.openttd.org this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be www.openttd.org, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

You cannot visit www.openttd.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

Error details:

Subject: *.openttd.org

Issuer: COMODO RSA Domain Validation Secure Server CA

Expires on: Nov 21, 2018

Current date: Nov 22, 2018

PEM encoded chain:
-----BEGIN CERTIFICATE 1-----
MIIFTzCCBDegAwIBAgIRAJoJgXJOHwtXvsYzRIwgUrEwDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTcxMTAzMDAwMDAwWhcNMTgxMTIxMjM1OTU5WjBaMSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxHTAbBgNVBAsTFFBvc2l0aXZlU1NMIFdp
bGRjYXJkMRYwFAYDVQQDDA0qLm9wZW50dGQub3JnMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlXFRth80Bt+WqgDWmYycnKlVmDohVIgdiD2McIb6++ka
66xLXQh/+FxSL+7NHDxtT3hF4nqSido0gAsfvowpjum2EBmJy3wEWoQTeJElvEp7
Pc+AKJ5ej/cdZxYC5qc4GIzE6RnmqpsDfYvzhAaVMtNuRjvTyWjewIwzXQPU4AUi
cMC2aZrvyYxYtox020zk/xKVpURHoZ2HW7Kn+SA14OjwiMhO22mmjUa91OR3vdfj
FnIujNGbRN8AiNABJ52IsA4968jkpK1BquifONjUjSo7v3J0/Y6stonQIE9tbbUT
m8Jz0iAV96P5eLc4ywPkDf25+jJChe4rVN5lQzoOxwIDAQABo4IB1zCCAdMwHwYD
VR0jBBgwFoAUkK9qOpRaC9iQ6hJWc99DtDoo2ucwHQYDVR0OBBYEFJCJgKvo5a9F
qFBIN9Jv3capH+G+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBPBgNVHSAESDBGMDoGCysGAQQBsjEB
AgIHMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BT
MAgGBmeBDAECATBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vY3JsLmNvbW9kb2Nh
LmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3Js
MIGFBggrBgEFBQcBAQR5MHcwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuY29tb2Rv
Y2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAlBgNVHREE
HjAcgg0qLm9wZW50dGQub3JnggtvcGVudHRkLm9yZzANBgkqhkiG9w0BAQsFAAOC
AQEAFG4wNfcn+NT+eY08Gt9swBe/Rq5rYrcbArdoBV66up5tPq7poMdj1dyRVW8a
mz8L/H1/UIqagDkPZtHPLcQn2l9X2w5R4m8Yr8fddEOxKKAsKO+e/G6jQbS/VQje
1TMxHMaVDv3cbWr/W84Fnl8ju4qwc1joWnIWpRnp34FrOmsnAT0SSjsZy/EprR98
amNYcmfjt4foL+BrLE9VGZ7IVEzRTL2HJ8qFsPukVsg8uHJnr4bu5XmwNJcceYVh
nS8YmH0tAABYWIUoA2xXq0FKAqmn+2KsFf44LqyRJ8GFfgG1GU4aCMNOPsR172bi
O+4YPlDUAwq2jaqIOIUWLTF5fA==
-----END CERTIFICATE 1-----
-----BEGIN CERTIFICATE 2-----
MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
+AZxAeKCINT+b72x
-----END CERTIFICATE 2-----
-----BEGIN CERTIFICATE 3-----
MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
NVOFBkpdn627G190
-----END CERTIFICATE 3-----

Revision details of the instance of Google Chrome that produced the error:

Google Chrome version 70.0.3538.102 (Official Build) (32-bit) (cohort: Stable)
Revision: 4bbeebac88fdc09c97265e47c205868bbd190497-refs/branch-heads/3538@{#1077}
OS: Windows
JavaScript: V8 7.0.276.38
Flash: 31.0.0.153 C:\Windows\system32\Macromed\Flash\pepflashplayer32_31_0_0_153.dll
User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36
Command Line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
Executable Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Profile Path: C:\Users\New-User\AppData\Local\Google\Chrome\User Data\Default

Variations: 
411b6d4e-ca7d8d80
b7d3b6c2-3f4a17df
d01ab0d3-ca7d8d80
3e006338-3f4a17df
2b6ab552-ca7d8d80
66df3e9d-7f918788
b7e2524c-1181467f
cc20827f-ca7d8d80
3095aa95-3f4a17df
c27fec31-2d5b6ed9
7c1bc906-f55a7974
9def365c-ca7d8d80
47e5d3db-3d47f4f4
125b7f68-898170a5
d442dfb7-ca7d8d80
9ca1387e-3f4a17df
1149accc-5c943877
4dc30737-b8a5ea08
a582a1b8-ad75ce17
ebbb4e0a-ca7d8d80
e56c5101-7d60f345
267255c3-f4950e99
249dd49a-e4dec117
aa011017-3f4a17df
88a387d2-ee748cef
edbcf7c5-1cc1312c
9b4c4257-ca7d8d80
43f62d3b-20131bcc
3a0563a1-13b68faf
6a82868d-3f4a17df
9e5c75f1-1039a221
6872f671-991e1e1
2b86fd96-3f4a17df
d1cd70a5-ca7d8d80
4ea303a6-ecbb250e
3d7e3f6a-2eb01455
6e6e0c7e-3f17a7d8
d92562a9-4d2fac87
fc369826-ca7d8d80
7aa46da5-c946b150
4da5ae82-91c810ef
2c1d398c-3f4a17df
cc54eb06-20131bcc
58a025e3-36e97b2c
df072bba-ca7d8d80
5586049f-3f4a17df
4bc337ce-7b60a216
1354da85-f1a864dc
494d8760-52325d43
f47ae82a-746c2ad4
3ac60855-486e2a9c
f296190c-6960c22a
4442aae2-75cb33fc
ed1d377-e1cc0f14
75f0f0a0-d7f6b13c
e2b18481-bca011b3
e7e71889-4ad60575
3a8271ac-12c226
b1ceb06f-d1372334
94e68624-803f8fc4
cc73f8a1-ca7d8d80
10a311eb-ca7d8d80
8834fcca-28975df1
6204e469-ca7d8d80
81c6897f-35fec36d
ea0f933d-29e3c6de

Screenshot of whole error message
image
@LordAro
Copy link
Member

LordAro commented Nov 22, 2018

That is an excessive amount of detail for an expired certificate. Not an OpenTTD issue, relevant people have been contacted

@LordAro LordAro closed this as completed Nov 22, 2018
@TrueBrain
Copy link
Member

Tnx for the report @James103 . Indeed, the certificate expired. Normally I am more on point with these things, but I clearly dropped the ball here :P Fixed, and all working again :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@TrueBrain @LordAro @James103