Why is this certificate claimed to have expired?
BD is suddenly claiming that the update server (I guess) for SeaMonkey (everyone's favourite browser, I assume) has an expired certificate.
Below is the notification
~~~~~
Suspicious connection blocked
43 minutes ago
Feature: Online Threat Prevention
seamonkey.exe attempted to establish a connection relying on an expired certificate to updates.seamonkey-project.org. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk.
[Add to exceptions]
~~~~~
Initially SeaMonkey must have initiated the update check itself.
Later I tried browsing to
https://updates.seamonkey-project.org/
The certificate doesn't seem to be expired, although interestingly it does have a start date of yesterday. Could BD be misinterpreting the start date as an expiry date?
Besides that, there are two other things I found unusual (though I have little experience in this area).
- I have never seen a certificate set up with such a short validity period.
- The general information mentions only "aus2-community.mozilla.org" (for the CN); I have to look in details to find "DNS Name: updates.seamonkey-project.org" (as Certificate Subject Alt Name).
Best Answer
-
The certificate looks expired according to SSL Checker:
Or at least one of the root or intermediate certificates has expired.
Premium Security & Bitdefender Endpoint Security Tools user
0
Answers
-
A separate issue is the wording of the message if the user chooses to proceed anyway:
If the user chooses to proceed to view the website despite (say) a nominally expired HTTP certificate, the user should be able to expect that BD would protect them from (say) malicious scripts that may exist on the website.
Yet the above message seems a bit passive-aggressive, like: "You were warned not to visit this site, but if you choose to ignore the warning you won't be protected from anything on that site".
A better message would be like: "You were warned not to visit this site, and after considering the warning, you choose to your discretion to proceed. BD will still try to protect your computer from anything on that site, but the safest option would still be not to visit the site".
0 -
Ah, I see. So even though the specific URL certificate might not have expired, some other 'upline' certificates may have expired…
Although it is still surprising that I have only just seen the warning now, if those 'upline' certificates have supposedly been expired for many months. Maybe SeaMonkey's update process has been changed recently.
0 -
Yes, if we are talking certificates, sometimes, sub-domain URLs which are used for various purposes such as tracking, newsletters, promotional campaigns, etc. are using certificates with another name than the domain used by the main website, and this may trigger the certificate notification multiple times (suspicious connection blocked) in a short period of time.
Sometimes, the certificate issues are resolved in due time by the website owner and the antivirus detection is removed, but in other cases there can be invalid resources/urls that are no longer being used by the website, had a valid certificate at some point, but this was not renewed for various reasons, or they still don't match the domain's certificate, and in such scenarios the certificate detection may persist.In short, Bitdefender’s Online Threat Prevention module may alert you when you try to visit a secured website (HTTPS) with an invalid security certificate. It often tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection.
You can always check their SSL certificates at :
I appreciate your feedback in regard to the notification wording, dully noted.
Regards
Premium Security & Bitdefender Endpoint Security Tools user
2