All ProtonMail (proton.me) Sites Give NET::ERR_CERT_AUTHORITY_INVALID
-
As of today, every site associated with ProtonMail (or proton.me) is coming back with NET::ERR_CERT_AUTHORITY_INVALID (in Brave, Chrome and Edge). Yesterday, everything was fine. Windows 10 is fully up-to-date, as are all the browsers. Is there anything I need to do in pfSense to make sure their certificate is up-to-date?
Could the issue be with pfBlocker? If I click on the "Not Secure" icon in the address bar and then on Certificate is Not Valid link, I get:
"General
Details
Common Name (CN) pfSense-pfBNG-DNSBL-6400f6e1a0e4d
Organization (O) pfBlockerNG DNSBL Self-Signed Certificate
Organizational Unit (OU) <Not Part Of Certificate>
Common Name (CN) pfSense-pfBNG-DNSBL-6400f6e1a0e4d
Organization (O) pfBlockerNG DNSBL Self-Signed Certificate
Organizational Unit (OU) <Not Part Of Certificate>
Issued On Thursday, March 2, 2023 at 1:20:01 PM
Expires On Wednesday, April 3, 2024 at 2:20:01 PM
SHA-256 Fingerprint F8 B1 87 81 62 05 F0 38 32 FD 9D E9 59 A2 C8 90
47 46 E1 79 C4 24 69 9B DE D3 F1 B8 74 A5 29 1D
SHA-1 Fingerprint 35 D6 F7 64 2F 81 03 F1 86 84 04 6D 9C 31 BB 3A
72 A2 5A F2"
Which is talking about pfBlocker stuff.
Just for grins, here's the full error in Brave:
"Your connection is not private
Attackers might be trying to steal your information from mail.proton.me (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID
mail.proton.me normally uses encryption to protect your information. When Brave tried to connect to mail.proton.me this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be mail.proton.me, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Brave stopped the connection before any data was exchanged.
You cannot visit mail.proton.me right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."
-
@areckethennu I think it IS a pfBlocker issue:
Jun 24 09:06:37 192.168.1.186
servfail
HTTPS | HTTPS Unk mail.proton.me ServFail unk
Jun 24 09:06:37 192.168.1.186
servfail
HTTPS | HTTPS Unk mail.proton.me ServFail unk
Jun 24 09:06:37 192.168.1.186
TLD_HTTPS
DNSBL-python | Python LAN mail.proton.me PhishingArmy
DNSBL_Compilation
Could someone move this over to the pfBlocker area?
-
@areckethennu It's probably a bad thing to reply to myself, but I reported this to the Phishing Army list OP and he said he'd fix it shortly. So, hopefully, things will resolve themselves soon.