This content has been marked as final. Show 71 replies
Roger: I just got this error. Here's some info you may find useful:
- Work laptop: Win7 Enterprise, 64-bit
- Almost never restart it unless an updates requires a reboot
- Rebooted this morning (NOT update related) and received this certificate revocation error on login
- If I go to "http://crl.usertrust.com/" I get a 403 error
- If I go to "https://crl.usertrust.com/" I get this SSL error (in Google Chrome): "You attempted to reach *crl.usertrust.com*, but instead you actually reached a server identifying itself as *www.comodo.com*. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of *crl.usertrust.com*. You should not proceed, *especially* if you have never seen this warning before for this site."
- If I go to "http://javadl-esd-secure.oracle.com/" I get a 404
- Same result if I go to "https://javadl-esd-secure.oracle.com/"
- I get the above errors on both my corporate network and at home
Have you been able to find a solution for this yet?
I have the same results when trying to access the URLs.
In Firefox, going to https://crl.usertrust.com/ yields this result:
crl.usertrust.com uses an invalid security certificate.
The certificate is only valid for the following names:
www.comodo.com , comodo.com
(Error code: ssl_error_bad_cert_domain)
I have found that if you choose the "view certificate" option and go to the "certification path" tab, install the certificate, manually put it in the "Trusted Root Certification Authorities" category by using the browse option when installing, I no longer receive the errors.
This may not work in everyone's case but it did help with the JRE certificate errors we were receiving on our Win7 64-bit workstations.
I have been getting this error for certificate javadl-esd-secure.oracle.com, USERTrust Legacy Secure Server CA, valid 1/10/2012 to 1/10/2013, for several weeks. Interestingly enough, it seems to always popup when the Symantec Endpoint 12 scan pops its dialog to notify me of the results of the daily scan. The machine is Windows 7 Enterprise x64. It is updated through April 2012 Microsoft updates cycle, at least I think I ran last months. For certain it was last updated in the March release of updates.
Interestingly enough, I just checked in Control panel, and Jave (32-bit) is listed there, not the 64 -bit version. It reports that last Jave Update was run on 4/24/12. I am assuming since I use the 32 bit browser it makes sense to have the 32-bit java version installed. I had actually not thought about it, I just went to java.com and said download the latest version when I installed the machine. A later update is available, I will install it.
As for the certificate popup error, I get a security alert which I suspect is from Endpoint, stating: "Revocation information for the security certificate for this site is not available. Do you want to proceed?" Not sure what I am proceeding with, however. I can click to view the cert, and it has an option to install it. I just let that wizard do its thing, and it reported after a few seconds pause that "The import was successful".
I decided to do this based on reading through this thread, and your assertion the cert is in fact valid.
I will report back whether the security warning recurs again or not.
Same problem here. I have 15 Dell Optiplex GX620's. Just upgraded them from Xp with my standard Win 7 build and these certificate errors are coming up. For the first one I got, I saw it was from Java, so installed it manually on each machine when the pop-up appeared. But 30 minutes later, another one pops up. It's clearly something to do with the Java auto-update.
The build deployed to the machines has 6u31 installed on it, but this was updated from an older build that had 29 or 30.
I have CachePilot proxy installed using AD authentication, but problem still appears when I disable Java auto-update in Control panel, or bypass the proxy from the Java control panel applet.
If I point my browser at crl.usertrust.com all I get is a '403 Forbidden' message. This is whether I go through the local network, or if I just browse on my 3G phone to the site.
Interestingly, laptops I deployed using the same build a month ago have not seen this message.
I'd be happy to add the certificate but I have over 150 machines to deploy so looking for a smooth, preferrably GPO-based solution.
any help appreciated!
Edited by: 931512 on 02-May-2012 05:48
This issue has been with us since day one of the JRE 6u31 update ad the beginning of this thread. Today I downloaded JRE 6u32 from the Oracle website and installed it on my machine and our receptionist's. So far the security alert has not appeared. I am hoping update 32 will finally get rid of this cert issue because we have tolerated this long enough.
Just signed up to post in this thread.
Using JRE 7u4 I get the exact same certificate issue.
As stated earlier you can remove IE9s requirement to check for certificate revocation but this is NOT a solution.
Thankfully I discovered this during the testing of a Windows 7 imagine before pushing it out to hundred of clients ....
Going to try JRE 6u32 as mentioned earlier.
C'mon Oracle.. what gives !
Update 6u32 is an improvement, but the issue is not entirely fixed. However, the Security Alert pops up a lot less, it took two days after installing it for me to get the alert. With 6u31 it would pop us as soon as i logged on, but now if it does come up it isn't until I have been on for a while for me to get the alert, or some days it doesn't pop up at all. I still want it gone permanently though. I tried 7u4, and it only made it worse. The alert popped up during the installation and immediately after as well as every time i logged on, so I went back to 6u32.
Edited by: OTTO IT on May 16, 2012 3:59 PM