SSL Connection Error

Off-topic discussion.
Forum rules
Before you make a topic/post, consider the following:
-Is there a topic for this already?
-Is your post on-topic/appropriate?
-Are you posting in the right forum/following the forum rules?
User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

SSL Connection Error

Postby Kyo » Mon Jul 07, 2014 1:00 pm

Is this where help topics belong nowadays?

Anyway, I've had this problem for a while now. I don't know when exactly and how I got it, but it's extremely annoying and I've searched for a solution for quite some time now, without success. Basically, SLL-supported sites (https) refuse connection which means I cannot connect with sites such as youtube, google, or any e-mail-related website. Captchas won't show up as well and many downloads cannot be implemented successfully, and uploads don't work either. I can access those websites with other mobile devices, but being unable to upload screenshots or levels is quite a pain, as I have to permanently ask other people to do it for me and I feel like those people I'm asking are very likely to get annoyed if this continues.

I've recently gone through a computer reset when I tried to downgrade my windows from 8 to 7, and my computer does run a lot more smoothly now and some erros have been fixed. Previously, I needed a program to open and save text files because they wouldn't open if I click on them. Pretty much everything works perfectly, with the exception of the most important error, namely connecting to https websites. I've searched for a solution and tried out a lot, but nothing worked so far, and if anyone here has an idea how to fix this, please tell me.

Oh, and by the way, this problem does have nothing to do with my browser. I've tried connecting to https sites with five different browsers, Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and Beamrise, but all of them failed.

User avatar
michel
Banned
Posts: 157
Joined: Fri Dec 20, 2013 12:54 pm

Re: SSL Connection Error

Postby michel » Mon Jul 07, 2014 1:02 pm

Your computer's date and time is wrong.

How do you know that you are dealing with the right person or rather the right web site. Well, someone has taken great length (if they are serious) to ensure that the web site owners are who they claim to be. This someone, you have to implicitly trust: you have his/her certificate loaded in your browser (a root Certificate). A certificate, contains information about the owner of the certificate, like e-mail address, owner's name, certificate usage, duration of validity, resource location or Distinguished Name (DN) which includes the Common Name (CN) (web site address or e-mail address depending of the usage) and the certificate ID of the person who certifies (signs) this information. It contains also the public key and finally a hash to ensure that the certificate has not been tampered with. As you made the choice to trust the person who signs this certificate, therefore you also trust this certificate. This is a certificate trust tree or certificate path. Usually your browser or application has already loaded the root certificate of well known Certification Authorities (CA) or root CA Certificates. The CA maintains a list of all signed certificates as well as a list of revoked certificates. A certificate is insecure until it is signed, as only a signed certificate cannot be modified. You can sign a certificate using itself, it is called a self signed certificate. All root CA certificates are self signed.

Your computer will compare your system date to the expiration date of the SSL certificate. If your system time is stuck in the past or so far in the future that it is outside of the SSL certificate expiration date, a secure connection will not be established. This is easily corrected by changing your system time to the current date.
Image
Spoiler: show
Image
Image
Escape Chat: http://23.239.11.184/

SolarStar
Goomba
Goomba
Posts: 2
Joined: Mon Jul 07, 2014 1:12 pm

Re: SSL Connection Error

Postby SolarStar » Mon Jul 07, 2014 1:21 pm

what error are you getting?

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Mon Jul 07, 2014 1:39 pm

I've seen that incorrect date and time is a common cause for SSL connection errors, but that's not the case for me. It's the 7th of july in year 2014, 7:40 PM in my timezone as of now. I'm extremely certain that's correct, since every device I owned is showing exactly the same date. Is it possible that the SSL certificate is already expired despite of the time being correct and is there any way to check that? But thanks, otherwise. That middle paragraph does clear up some stuff.
SolarStar wrote:what error are you getting?
If it's about the error code, it's called "ERR_CONNECTION_REFUSED".

User avatar
michel
Banned
Posts: 157
Joined: Fri Dec 20, 2013 12:54 pm

Re: SSL Connection Error

Postby michel » Mon Jul 07, 2014 2:00 pm

Your firewall may be blocking port 443, used for SSL connections. Make an exception for port 443 in the firewall.

Open Windows Firewall by clicking the Start button Picture of the Start button, and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.

In the left pane, click Advanced settings. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

In the Windows Firewall with Advanced Security dialog box, in the left pane, click Inbound Rules, and then, in the right pane, click New Rule.

Follow the instructions in the New Inbound Rule wizard.


You may also want to forward port 443 if all else fails. http://portforward.com/
Hope that helps.
Image
Spoiler: show
Image
Image
Escape Chat: http://23.239.11.184/

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Tue Jul 08, 2014 11:17 am

My firewall seems to have no issue with port 443. I even temporarily disable my firewall completely to see if anything changes, and port forwarding didn't do anything as well, assuming I actually did it correctly. I'm using an outdated Windows version, 8.0. I really don't want 8.1, but if upgrading could possibly fix this issue, I'll do it. Is the Windows version even relevant to this issue?

User avatar
FallingSnow
Ninji
Ninji
Posts: 822
Joined: Sat Dec 21, 2013 4:32 am
Location: Steam, playing dota or something

Re: SSL Connection Error

Postby FallingSnow » Tue Jul 08, 2014 11:37 am

Considering 8.1 was a highly recommended update full of bug-fixes and improvements, I'm not sure why you wouldn't update to it. Now is it relevant to your problem? I have no idea.

User avatar
michel
Banned
Posts: 157
Joined: Fri Dec 20, 2013 12:54 pm

Re: SSL Connection Error

Postby michel » Tue Jul 08, 2014 11:39 am

I don't even know what could be causing your problem now.
There's one last thing you can do, but I doubt it's going to work.

Go to Control Panel, then navigate to Internet and Networking. Click "Internet Options" to open a menu with configurations for internet. Open the "Content" tab and press the button "Clean SSL state". Then see if the problem is solved (at least with internet explorer)

The names might be a bit off since I'm using a computer in portuguese and I don't know the options' english equivalent

EDIT: Wait, actually, do you use an antivirus? If yes, what antivirus?
Image
Spoiler: show
Image
Image
Escape Chat: http://23.239.11.184/

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Tue Jul 08, 2014 12:30 pm

I just tried to go to control panel, then to network and internet and there was an option to test the connection to a website and tell the exact problem as to why the connection failed. There were two, the first was was called IPsec-negotiation failure. Second is, the remote device refused connection. I clicked "view details". Since I'm using a computer in german, I do not know the exact english names as well, but I'm trying to translate it as accurately as I can.

Found Problems:
"The device and the resource (google.com) is not set up for acceptation of connections on port "https"."

Detection Details:
Network diagnostics log
File name: 65E134F2-629F-4699-9424-2464885167F6.Diagnose.0.etl
Other network configuration and logs:
File name: NetworkConfiguration.cab

Publisher Details:
Windows-network diagnostics
Determines problems with network connectivity.
Package version: 1.0
Publisher: Microsoft Windows
Internet connections
Helps with identification and correction of issues that prevent from connecting with a certain website.
Package version: 1.0
Publisher: Microsoft Corporation


I hope that does clear up or at least give some indication on what the problem could possibly be. Also, unfortunately that last thing didn't do anything as well, assuming I did what you actually told me to correctly. Believe it or not, but I don't have an antivirus currently. After the computer reset, Kaspersky, McAffee and Norton were pre-installed, and I deinstalled all of them and originally wanted to get Avira, which I haven't done so far.
FallingSnow wrote:Considering 8.1 was a highly recommended update full of bug-fixes and improvements, I'm not sure why you wouldn't update to it. Now is it relevant to your problem? I have no idea.
Going to update my computer now to see if anything changes.
E: Store won't open, probably because of the same problem.

User avatar
michel
Banned
Posts: 157
Joined: Fri Dec 20, 2013 12:54 pm

Re: SSL Connection Error

Postby michel » Tue Jul 08, 2014 1:18 pm

That's not what I was expecting. I think you went to the wrong window.
I'll send you a screenshot tutorial on Cleaning SSL State.

1. Open control panel
Image

2. Click here
Image

3. Click here.
Image

4. Click on Contents.
Image

5. Click here
Image

Then tell us results. If it doesn't work, that thing you did might be of help. Can you show us the files:

65E134F2-629F-4699-9424-2464885167F6.Diagnose.0.etl

and

NetworkConfiguration.cab
Image
Spoiler: show
Image
Image
Escape Chat: http://23.239.11.184/

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Thu Jul 10, 2014 4:01 pm

I can't access my computer atm. It will take two days, but I'll immediately try this out and will let you know the result in two days. Thanks for the tutorial.

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Sat Jul 12, 2014 9:39 am

Didn't work. I'm not sure how I can open the .etl file. I've searched for a program to open .etl files but found nothing, and it won't open by default either. Network.cab opens a folder with two text files, called ipconfig.all and route.print. Opening will require me to select a file and to extract it. Not sure what exactly it's for. This might help. The other error was the IPsec one, and that new rule to enable port 443 is supposed to be the cause of that. If I do the same when the firewall is disabled, it can't identify any error, but it still fails to connect with SSL sites, despite of finding no error.

This option to identify errors, implementing it will make you choose to find any error with the internet connection; which is an IPsec-error when firewall is enabled; or an error with the connection with one specific site. When I choose a https-using site, the error is always that the remote device rejected connection. Enabling or disabling firewall doesn't influence this, which means that my firewall is irrelevant to this error.

I have no clue what is meant with the remote device rejecting connection with https, though. Is the router the remote device? In that case, I'm wondering why the remote device rejects connection on my computer only, and not on other devices. One possibility is that the it's set up to block port 443 in the router configuration for my IP exclusively, which would mean I'm screwed since I'd have to login in to my fritz box and disable this, but I don't have the password and my mother probably doesn't give shit about this and wouldn't bother. But before I jump into such conclusions, what is meant with the remote device?

User avatar
michel
Banned
Posts: 157
Joined: Fri Dec 20, 2013 12:54 pm

Re: SSL Connection Error

Postby michel » Sat Jul 12, 2014 3:06 pm

I know remote device is the server (website) you're connecting to.

Anyways, everything that I could think of didn't help you. There's only one thing I can suggest to help you diagnose your problem, and it's a bit of a pain to go through. You can check if the problem lies within your operating system configuration by booting into a Linux Live-CD and trying to connect to a HTTPS webpage through it.

A live CD, live DVD, or live disc is a complete bootable computer installation including operating system which runs in a computer's memory, rather than loading from a hard disk drive; the CD itself is read-only. It allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.

A live ISO is an ISO image of a Live CD which can be used in virtual machine environments, mounted as if it were a CD/DVD and used as the virtual machine's boot CD. Live CDs, ISOs, and images usually include an operating system available without charge or restrictive licence such as Linux, rather than a commercial one such as Microsoft Windows, for legal rather than technical reasons.

The Live CD you would probably want to boot into would be the Ubuntu Live ISO, which you can burn into a CD/DVD. It can be found here. http://www.ubuntu.com/download/desktop

Now heres how you can do this procedure:
MAKE SURE TO HAVE ANOTHER DEVICE IN HANDY SO YOU CAN READ THIS GUIDE WHILE YOUR COMPUTER IS TURNED OFF!

Burning the ISO image into a CD
1. First thing, you'll want to download the ISO image from http://www.ubuntu.com/download/desktop and burn it into a CD.

2. Download Free ISO Burner, a completely free program that only burns ISO files, making it really easy to use.
Important: Free ISO Burner is completely free and fully functional. HOWEVER, their download page (hosted by SoftSea.com) is a little tricky. Don't let their advertisements fool you into downloading something else. See the Warning in Step 3 in my tutorial for details.

3. Double-click on the FreeISOBurner file that you just downloaded. The Free ISO Burner program will start. (Free ISO Burner is a standalone program, meaning it doesn't install, it just runs. This is yet another reason why I prefer this ISO burner over others with huge installations.)

4. Insert a blank disc in your drive.

5. Click the Open button next to the empty space within the ISO File section, near the top of the program window.

6. When the Open window appears, locate and select the ISO file you wish to burn to the empty disc.

7. Once you've selected the ISO file, click the Open button at the bottom of the window to confirm your selection.

8. Now that you're back to the Free ISO Burner main screen, check that the option under Drive is in fact the optical drive you put the empty disc in while on Step 4 above. (If you have more than one optical drive, you may have more than one option to choose here.)

9. Skip the customizations in the Options area unless you know what you're doing.

10. Click the Burn button to start the ISO file burn.

Depending on how large the ISO file is, and how fast your disc burner is, the ISO burning process could take anywhere from several seconds, to several minutes, to complete.

11. When the burning is complete, the disc will automatically eject from the drive. You then can remove the disc and close Free ISO Burner.

Now you can proceed to the next steps:

Running the Live CD
DO NOT RUN ANYTHING FROM THE CD WHILE YOU ARE IN WINDOWS. THIS MIGHT RESULT IN AN ACCIDENTAL INSTALLATION OF LINUX AND OVERWRITING YOUR WINDOWS OPERATING SYSTEM COMPLETELY. DO NOT RUN WUBI.EXE.

1. Make sure your computer is booting from the CD drive.
Either turn on or restart your computer. While doing this, hold the DELETE button to enter the BIOS. Use your left and right arrow keys to navigate to the BOOT tab. *Once on the BOOT tab use your down arrow keys to navigate to the "Boot Device priority" menu.

2. Change the BOOT device priority.
follow the onscreen instructions to set the device labeled "first boot device" as the CD drive.
Often you use your UP/DOWN arrow keys to select various boot devices. on the first boot device, hitting ENTER brings up a list of devices. Use your arrow keys again to select your CD drive. Hit ENTER to save your choice.

3. Save the BIOS settings.
Press F10 to save and exit the BIOS. (On some computers you may have to hit a function button labeled "fn" and then the F10 button )

4. Insert the Live CD
After you have saved the BIOS setting insert the CD into your CD Drive.

5. Boot From the Disk
While your computer is loading, insert the Live CD and your computer should boot from the CD drive.
If your computer does not load the CD, restart it with the CD still in the drive and try again.

FINAL STEPS AND CHECKING IF THE PROBLEM REALLY LIES WITHIN WINDOWS OR AN EXTERNAL SOURCE
1. DO NOT INSTALL UBUNTU. CLICK "TRY" UBUNTU TO START THE OPERATING SYSTEM IN A TEMPORARY ENVIRONMENT.

2. Open Mozilla Firefox and connect to any website that uses SSL protocol, such as Google, Youtube or Facebook.

3. CHECK IF THE PROBLEM STILL PERSISTS. IF THE CERTIFICATE IS VALID AND THERE ARE NO PROBLEMS, THEN YOUR PROBLEM LIES IN WINDOWS.

GOING BACK TO WINDOWS
1. Turn off your computer.

2. Make sure your computer is NOT booting from the CD drive.
Either turn on or restart your computer. While doing this, hold the DELETE button to enter the BIOS. Use your left and right arrow keys to navigate to the BOOT tab. *Once on the BOOT tab use your down arrow keys to navigate to the "Boot Device priority" menu.

3. Change the BOOT device priority.
Follow the onscreen instructions to set the device labeled "first boot device" as YOUR WINDOWS HARD DRIVE.
Often you use your UP/DOWN arrow keys to select various boot devices. on the first boot device, hitting ENTER brings up a list of devices. Use your arrow keys again to select your windows hard drive. Hit ENTER to save your choice.

4. Save the BIOS settings.
Press F10 to save and exit the BIOS. (On some computers you may have to hit a function button labeled "fn" and then the F10 button )

5. Go back to Windows and post results.

This is a VERY exhaustive process and is the only way of checking if your problem really lies in your operating system or not. Since we cannot find the roots of the problem within windows, I would suggest a re-installation of the operating system if the problem really lies in Windows.
Image
Spoiler: show
Image
Image
Escape Chat: http://23.239.11.184/

User avatar
Kyo
Koopa Shell
Koopa Shell
Posts: 658
Joined: Fri Dec 20, 2013 2:12 pm
Current Project: The Twilight Star
Location: Germany

Re: SSL Connection Error

Postby Kyo » Sat Jul 19, 2014 10:09 am

I intentionally waited and didn't do this so far because I'd go to my grandma for three weeks and would take my computer with me in order to verify whether the issue remains or not. That way I'll see if the problem was the router or not, and it was. I don't have this error here. Apparently my parents accidentally blocked Port 443 exclusively for my IP in the router settings, which I can't access because I don't have the pass word. I'm extremely certain that this is the problem. I might try out your tutorial when I'm back home, but I doubt it could bypass the router settings.


Return to “Sandbox”

Who is online

Users browsing this forum: No registered users and 12 guests