Certificates in chrome

Similar Messages

• Can't find certificate that appears on Chrome

  Hi all, I have a problem and need some help. When I try to connect to Gmail, I get the following error
  Cannot connect to the real mail.google.com
  Something is currently interfering with your secure connection to mail.google.com.
  Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.
  If you were to visit mail.google.com right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real mail.google.com.
  LessReload
  What does this mean?
  mail.google.com normally uses encryption (SSL) to protect your information. When Chrome tried to connect to mail.google.com this time, mail.google.com returned unusual and incorrect credentials. Either an attacker is trying to pretend to be mail.google.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.
  Network errors and attacks are usually temporary, so this page will probably work later. You can also try switching to another network.
  Technical details
  mail.google.com has asked Chrome to block any certificates with errors, but the certificate that Chrome received during this connection attempt has an error.
  Error type: HSTS failure
  Subject: FG600B3908600560
  Issuer: FG600B3908600560
  Public key hashes: sha1/7vClZj4lhFuMwxiKhsgl6Jnbj4o= sha256/tqGQy3D+ueVGfY9YXbprcdbS+K/W5n6Bi1BDuxf70j8=
  When I click on the https link i get the following info for the certificate:
  If I click on certificate information I get:
  As you see, the certificate belongs to Fortinet. We use that at the office for security purpose. As soon as I get online, it asks me for a password.
  But, for some reason, that certificate got 'stuck' on the gmail page.
  I went to keychain and tried to find that certificate to delete it, but could not find it anywhere.
  Any ideas on how to fix this problem?

  Ok, oddly enough it just updated and the music is back on the list...go figure =)

• Google Chrome Browser, can't log on to SDN or Service.SAP

  Hello all,
  Has anyone been able to use the new Google Chrome browser to log on to this forum or Service.SAP?  I get the following error: "Error 110 (net::ERR_SSL_CLIENT_AUTH_CERT_NEEDED): Unknown error."
  I am using the same certificate in Chrome that I am using in IE and Firefox.  Those two browsers have no problem connecting to this forum or Service.SAP.
  Any suggestion are appreciated.
  Thanks
  Bruce

  Moved from ABAP (what were you thinking... ) to the Comments & Suggestions Forum and locked.
  Please use the linked thread if you find this one => Google Chrome and SCN
  Cheers,
  Julius

• Signing with Code Certificate from COMODO ?

  Hi,
  does anyone have some experience with a Code Signing Certificate from COMODO ?
  I exported the certificate from Chrome or IE and tried the signing for a ja file,
  but get:
  jar signed.
  Warning:
  The signer's certificate chain is not validated.
  Can anyone help me ?
  Many thanks.

  According to tzengs suggestion I tried to export the certificate again from firefox using "backup all" instead of "backup" with no effect.
  One thing which I am still not sure of:
  Can my client give me a p12 certificate which I can use as it is to sign my application using the provided password or do I have to process this certificate first?
  Depending on the answer to this question I need to take different action:
  YES: I need to tell my client to export the certificate in a different manner in order to "create the complete chain"
  NO: The certificate from my client is fine but I still need to figure out how to change the certificate so that I don't get the error.
  Thanks for your help.

• User not shown in communications stream

  the original poster of a discussion is not shown  in the right window of the communications stream
  it just starts with "asked"
  further I cannot insert an image using IE8, the button to insert  is visible but inactive on the pop-up.
  I tried to attach the "jpg"- screen shot, but this was not possible either, I receive the  error: The content type of this attachment is not allowed.
  png is working as attachment

  Hi Oliver,
  Yes the original poster is still missing - if it is not me
  I can see "Jürgen L asked 10 hours ago" in this discussion, but I cannot see the initial user in any other discussion in the communication stream.
  Glad to see that most other issues are a gone now, I can logon with my certificate in Chrome, can access my blog, can reply from the communication stream. Left is user name, the insert of pictures, and the content filter from the space overview. did not yet find anything else.

• SSL certificate not valid in Safari, but webservice  works with Chrome and Firefox

  As a MD, I'm used to check blood results online on the service
  https://inet.zentral-labor.ch/c16/kunweb.dll - this is the online-portal of my laboratory medica in Zurich. http://www.medica.ch
  Access to the loginscreen is public ;-) and should look like this (Screenshot from Firefox)
  I've setup a new workstation 3 weeks ago (iMac with OS Lion 10.7.4), and this webservice service works fine till yesterday. Now, Safari is every time we try to reach the service telling us, that this service needs a certificate, we can choose only a default apple certificate
  and then, the error is:
  This Site needs a valid SSL-Client-Certificate... (Screenshot below)
  What's wrong with Safari? With Chrome and Firefox, the webservice works fie without any problems.
  Thanks for an advice
  MD Patric Eberle

  As a MD, I'm used to check blood results online on the service
  https://inet.zentral-labor.ch/c16/kunweb.dll - this is the online-portal of my laboratory medica in Zurich. http://www.medica.ch
  Access to the loginscreen is public ;-) and should look like this (Screenshot from Firefox)
  I've setup a new workstation 3 weeks ago (iMac with OS Lion 10.7.4), and this webservice service works fine till yesterday. Now, Safari is every time we try to reach the service telling us, that this service needs a certificate, we can choose only a default apple certificate
  and then, the error is:
  This Site needs a valid SSL-Client-Certificate... (Screenshot below)
  What's wrong with Safari? With Chrome and Firefox, the webservice works fie without any problems.
  Thanks for an advice
  MD Patric Eberle

• Google chrome : client certificate install fails

  when i try ti install client certificate on google chrome, the error says : The server returned invalid client certificate.
  This is happening in Google chrome under the certsrv site to install the issued certificate. Does chrome support client certificates?

  Question: 
  What does Error
  207 (net::ERR_CERT_INVALID) mean when I try to collect my certificate (CodeSigning or Email)?
  Answer: 
  This means that you have tried to obtain your certificate using the Google Chrome browser. At this present time Google Chrome does
  not support chained certificate enrollment and you can not use another browser to collect this certificate because the private key was generated with Chrome and you must start the process from the beginning again using another browser such as Mozilla Firefox
  or Microsoft Internet Explorer.
  Source:
  https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/776/38/ 

• Firefox shows an unknown certificate error while Chrome does not for same site

  On a site at which Credit Card payment info is shown, Firefox is reporting a certificate error while Chrome does not. Prefer to use FF but need to know if warning is right or not. Have cleared the cache and still get the warning. This is new to FF as we've used it on this site for several years.

  HI khetheri,
  In order to better test the certificate may we request the certificate without the private keys? I have some backup from the security team if this is possible.
  There is a temporary work around as well but I don't recommend turning on all certificates to make sure it is not a compatibility error(ish)
  It is possible to check if it is being detected as a bad certificate in Firefox itself to eliminate compatibility issues.
  # In the [[Location bar autocomplete|Location bar]], type '''about:config''' and press '''Enter'''. The about:config "''This might void your warranty!''" warning page may appear.
  # Click '''I'll be careful, I promise!''', to continue to the about:config page.
  # Search for '''browser.xul.error_pages.expert_bad_cert ''' and set it to true to try the certificate normally.
  Looking forward to your reply!

• I am getting an invalid certificate notice when going to one web site only, that formerly was not a problem. Happens with Safari and Google Chrome. Any ideas?

  I am getting an invalid certificate notice when going to only one web site, that previously was OK. Happens with both Safari and Google Chrome. Would emptying the system cache fix the problem?

  Well, it seems weird & it has no email listed, you might try contacting them to see...
    [email protected]

• A question viewing certifcate information via the padlock symbol in IE 11 (works on Chrome brower)

  Hello All
  Can someone please help me with the following questions,
  J
  1:
  I have a CA whose CA certificate has an Issuance (aka certificate) Policy.
  Next I created a CSR for a WEBServer certificate, I created the CSR by first creating a .inf (request file) containing the usual including the following
  [RequestAttributes]
  CertificateTemplate=WebServer
  OID=1.3.6.1.5.5.7.3.1
  IssuancePolicy="My Certificate Policy"
  OID=1.3.6.1.4.145389.1.1.1
  Turned the above into a CSR (base64 encoded) then submitted and retrieved the relevant certificate from the CA
  If I open the certificate flat file the resultant certificate has the relevant Issuance Policy listed under the section
  ‘This certificate is intended for the following purposes’
  So all good so far
  Next I install the certificate to the WEB Site and bind it etc. When I go the WEB Site e.g.
  Https://TestSite the certificate works and the traffic is encrypted etc… e.g. click on the padlock in Internet Explorer provides the expected information, but when I click on View Certificate via this padlock symbol; in Internet
  Explorer the certificate come up OK but under
  ‘This certificate is intended for the following purposes’
  It does not show my issuance policy e.g. just the standard application policy for a WEBServer cert.
  If I then look under the details/extensions tab of the certificate it does show certificate policy under the certificate policies extension, so looks OK from the extensions tab, but policy does not show up under ‘This certificate is intended for the following
  purposes’ when certificate is viewed via padlock on IE but does show up if I open the certificate flat file (either original certificate file or copy to file then view certificate as a flat file).
  The OID for the policy is registered in both active directory and local OID databases.
  So the question is why do I not see the issuance policy when viewing cert via padlock in IE but does when viewing flat file.
  I am using IE 11.x
  When doing the same thing from Chrome browser the certificate policy does show up OK, therefore is this a possible bug with IE 11.x
  Thanks All
  AAnotherUser__
  AAnotherUser__

  Hello Brian
  Thanks for the reply,
  The OID is in the Issuing CA Certificate (online CA) e.g. was part of the CAPolicy.inf file when installing the Issuing CA. The OffLine Root and OffLine Policy CA have the All Issuance Policy set in their CA Certificates.
  briefly as mentioned above when opening the cert (.cer) as a flat file by double clicking on it you can see the Issuance Policy listed as expected. When viewing the same cert via Internet Explorer (v11.x) PadLock > View Certificate it shows the Application
  Policy, but not the Issuance Policy (e.g. in the general tab) but does show the Issuance Policy under Extensions Tab. If I use Chrome, click on the PadLock > View Certificate it does show the Issuance Policy (as it always does when opening the flat
  file).
  Therefore was kind of wondering if a Bug in IE, when doing a CertUtil -f -urlfetch -verify Cert.Cer it passed all tests and shows it was validated against the Issuance Policy OK, therefore  perhaps bug in IE
  No big deal, just wanted to know if any one else saw this or was another explanation
  Thank you
  AAnotherUser__
  AAnotherUser__

• Safari 5.1.7 "Invalid URL" & "certificate not valid"-Google won't even work! HELP

  I have the newest version of Safari and as far as I know everything else on my computer is up-to-date. I checked for a software update and it claims everything is up to date. This has been happening for a little while and started with the invalid site certificates. I never was sure if I should click "continue" or "cancel". I first was clicking cancel and continue trying to see what changed. Cancel would keep me on the same page (I think, if I remember correctly) and continue would usually take me to the desired site. But recently this problem with site certificates has been happening more and more on different sites (I believe it began on facebook; and on sites I use daily). I just tried to google the problem and of course a web page of "Invalid URL" comes up. So I tried to see if it would work on a different browser (Firefox and Chrome), I had the same problem on those two, too, which makes me think a Google problem. However, this happens on other sites, such as facebook, and the site doesn't work for a little while (usually a period of X minutes). Even when I completely quit Safari, this doesnt change.
  I reset Safari tonight, and I've cleared the cookies, and I've emptied the cache, but nothing seems to be working. Im starting to wonder if there is a way to downgrade just one version of Safari to see if maybe this is a bug on this version of Safari, but I have no idea if that's possible or if it'll work.
  Please help!

  I hear ya...irritating as ****.  It's on all the other I've followed th other threads and tried the fixes, so far nothing.  Hit me up if you ever find a workable solution other than going back to a PC.  :s You'd think Apple would've fixed this by now, cause they're supposedly very very very very good.

• [SOLVED] Forms Web - Works on IE and Chrome, firefox says it misses plugin

  Greetings,
  Both in IE and Chrome it works perfectly i open the Gin client through the same URL, ex: http://10.0.0.28:7778/forms/frmservlet?config=gin4
  However if i try the same URL in firefox it shows a big grey square in the page saying "Click here to download Plugin"
  Clicking instal it opens a small popup saying no suitable plugins were found, inside it says and Unknown Plugin (text/html) and a button to installs manually appears.
  Clicking on that button i am taken to this page: http://java.sun.com/products/archive/j2se/1.4.2_06/index.html
  I have lost track on the number of times i have installes uninstalled and reinstalled a lot of java versions not just the 1.4.2_06 version.
  I have been trying to fix this problem for a couple of months now with no luck.
  Here is the Source code from the html page, its the same for every browser since its the same url:
  <HTML>
  <!-- FILE: webutiljpi.htm (Oracle Forms) -->
  <!-- -->
  <!-- This is the default base HTML file for running a form on the -->
  <!-- web using the JDK Java Plugin. This is used for example when -->
  <!-- running with Netscape on Unix. -->
  <!-- and a certificate regsitration applet for the WebUtil utility -->
  <!-- -->
  <!-- IMPORTANT NOTES: -->
  <!-- Default values for all the variables which appear below -->
  <!-- (enclosed in percent characters) are defined in the servlet -->
  <!-- configuration file (formsweb.cfg). It is preferable to make -->
  <!-- changes in that file where possible, rather than this one. -->
  <!-- -->
  <!-- This file uses several extra tags that are not present in the -->
  <!-- default template files. You should ensure that these are -->
  <!-- present in the configuration that uses this template -->
  <!-- The extra substitution Tags are: -->
  <!-- frmwebutil.jar, jacob.jar = jar file containing the WebUtil code -->
  <!-- (by default this should be frmwebutil.jar) -->
  <!-- off = Defines the current logging mode. -->
  <!-- Valid values: off|on|console|server|all -->
  <!-- (on == console) -->
  <!-- normal = Specifies the level of error logging.-->
  <!-- Valid values: normal|detailed -->
  <!-- Alert = Should errors be displayed in an alert -->
  <!-- as well as the programmer defined -->
  <!-- locations -->
  <!-- Valid values: console|server|alert|all -->
  <!-- 5 = Counts in second to -->
  <!-- indicate how often the monitor thread -->
  <!-- checks to see if the Forms session is still-->
  <!-- alive. Used with the WebUtil_Session -->
  <!-- package. -->
  <!-- true = Should intranet without domain suffix-->
  <!-- be trusted. -->
  <!-- Valid values: true|yes|false|no -->
  <!-- 16384 = Size in bytes of file transfer -->
  <!-- segments. Default and maximum allowed is -->
  <!-- 16384, i.e. 16K. -->
  <HEAD><TITLE>GIN - Gestao Integrada do Negocio - WebUtil</TITLE></HEAD>
  <BODY >
  <COMMENT id="forms_plugin_info"
  plug_ver="clsid:CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA"
  appheight="800"
  appwidth="900"
  appcodebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab#Version=1,4,2,06">
  </COMMENT>
  <!-- Forms applet definition (start) -->
  <NOSCRIPT>
  <OBJECT classid="clsid:CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA"
  codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab#Version=1,4,2,06"
  WIDTH="900"
  HEIGHT="800"
  HSPACE="0"
  VSPACE="0">
  </NOSCRIPT>
  <SCRIPT LANGUAGE="JavaScript" SRC="java/forms_ie.js"></SCRIPT>
  <PARAM NAME="TYPE" VALUE="application/x-java-applet;jpi-version=1.4.2_06">
  <PARAM NAME="CODEBASE" VALUE="/forms/java">
  <PARAM NAME="CODE" VALUE="oracle.forms.engine.Main" >
  <PARAM NAME="ARCHIVE" VALUE="frmall.jar, ginico4.jar, laf.jar,formsmagnifier.jar,formsmagnifier10123.jar,handleimage3.jar,fjtable.jar,frmwebutil.jar, jacob.jar" >
  <PARAM NAME="serverURL" VALUE="/forms/lservlet?ifcfs=/forms/frmservlet?config=gin4&acceptLanguage=en-US,en;q=0.8">
  <PARAM NAME="networkRetries" VALUE="30">
  <PARAM NAME="serverArgs"
  VALUE="escapeParams=true module=GINFS001.fmx userid= sso_userid=%20 sso_formsid=%25OID_FORMSID%25 sso_subDN= sso_usrDN= debug=no host= port= buffer_records=no debug_messages=no array=no obr=no query_only=no quiet=yes render=no record= tracegroup= log= term=/orasoft/OraHome_1/forms/admin/resource/US/fmrpcweb.res UTI= PASS= IDIOMA= ADMGIN=admgin PM$CSS_FILENAME=/gin/gin4/exe/forms.css">
  <PARAM NAME="separateFrame" VALUE="true">
  <PARAM NAME="splashScreen" VALUE="no">
  <PARAM NAME="background" VALUE="FUNDO.jpg">
  <PARAM NAME="lookAndFeel" VALUE="oracle">
  <PARAM NAME="colorScheme" VALUE="blue">
  <PARAM NAME="serverApp" VALUE="default">
  <PARAM NAME="logo" VALUE="REMATE_MENU.gif">
  <PARAM NAME="imageBase" VALUE="codebase">
  <PARAM NAME="formsMessageListener" VALUE="">
  <PARAM NAME="recordFileName" VALUE="">
  <PARAM NAME="EndUserMonitoringEnabled" VALUE="">
  <PARAM NAME="EndUserMonitoringURL" VALUE="">
  <PARAM NAME="heartBeat" VALUE="">
  <PARAM NAME="WebUtilLogging" VALUE="off">
  <PARAM NAME="WebUtilLoggingDetail" VALUE="normal">
  <PARAM NAME="WebUtilErrorMode" VALUE="Alert">
  <PARAM NAME="WebUtilDispatchMonitorInterval" VALUE="5">
  <PARAM NAME="WebUtilTrustInternal" VALUE="true">
  <PARAM NAME="WebUtilMaxTransferSize" VALUE="16384">
  <COMMENT>
  <EMBED SRC="" PLUGINSPAGE="http://java.sun.com/products/archive/j2se/1.4.2_06/index.html"
  TYPE="application/x-java-applet;jpi-version=1.4.2_06"
  java_codebase="/forms/java"
  java_code="oracle.forms.engine.Main"
  java_archive="frmall.jar, ginico4.jar, laf.jar,formsmagnifier.jar,formsmagnifier10123.jar,handleimage3.jar,fjtable.jar,frmwebutil.jar, jacob.jar"
  WIDTH="900"
  HEIGHT="800"
  HSPACE="0"
  VSPACE="0"
  serverURL="/forms/lservlet?ifcfs=/forms/frmservlet?config=gin4&acceptLanguage=en-US,en;q=0.8"
  networkRetries="30"
  serverArgs="escapeParams=true module=GINFS001.fmx userid= sso_userid=%20 sso_formsid=%25OID_FORMSID%25 sso_subDN= sso_usrDN= debug=no host= port= buffer_records=no debug_messages=no array=no obr=no query_only=no quiet=yes render=no record= tracegroup= log= term=/orasoft/OraHome_1/forms/admin/resource/US/fmrpcweb.res UTI= PASS= IDIOMA= ADMGIN=admgin PM$CSS_FILENAME=/gin/gin4/exe/forms.css"
  separateFrame="true"
  splashScreen="no"
  background="FUNDO.jpg"
  lookAndFeel="oracle"
  colorScheme="blue"
  serverApp="default"
  logo="REMATE_MENU.gif"
  imageBase="codebase"
  recordFileName=""
  EndUserMonitoringEnabled=""
  EndUserMonitoringURL=""
  heartBeat=""
  WebUtilLogging="off"
  WebUtilLoggingDetail="normal"
  WebUtilErrormode="Alert"
  WebUtilDispatchMonitorInterval="5"
  WebUtilTrustInternal="true"
  WebUtilMaxTransferSize="16384"
  >
  <NOEMBED>
  </COMMENT>
  </NOEMBED></EMBED>
  </OBJECT>
  <!-- Forms applet definition (end) -->
  </BODY>
  </HTML>
  Any help is appreciated.
  Best regards,
  Igor Carrasco

  In the Java plugins i see :
  Java(TM) Platform SE 6 U20
  File: npjp2.dll
  Version: 6.0.200.2
  Next Generation Java Plug-in 1.6.0_20 for Mozilla browsers
  MIME Type      Description      Suffixes
  application/x-java-applet      Java Applet      
  application/x-java-bean      JavaBeans      
  application/x-java-vm           
  application/x-java-applet;version=1.1.1           
  application/x-java-bean;version=1.1.1           
  application/x-java-applet;version=1.1           
  application/x-java-bean;version=1.1           
  application/x-java-applet;version=1.2           
  application/x-java-bean;version=1.2           
  application/x-java-applet;version=1.1.3           
  application/x-java-bean;version=1.1.3           
  application/x-java-applet;version=1.1.2           
  application/x-java-bean;version=1.1.2           
  application/x-java-applet;version=1.3           
  application/x-java-bean;version=1.3           
  application/x-java-applet;version=1.2.2           
  application/x-java-bean;version=1.2.2           
  application/x-java-applet;version=1.2.1           
  application/x-java-bean;version=1.2.1           
  application/x-java-applet;version=1.3.1           
  application/x-java-bean;version=1.3.1           
  application/x-java-applet;version=1.4           
  application/x-java-bean;version=1.4           
  application/x-java-applet;version=1.4.1           
  application/x-java-bean;version=1.4.1           
  application/x-java-applet;version=1.4.2           
  application/x-java-bean;version=1.4.2           
  application/x-java-applet;version=1.5           
  application/x-java-bean;version=1.5           
  application/x-java-applet;version=1.6           
  application/x-java-bean;version=1.6           
  application/x-java-applet;jpi-version=1.6.0_20           
  application/x-java-bean;jpi-version=1.6.0_20           
  and this also:
  Java Deployment Toolkit 6.0.200.2
  File: npdeployJava1.dll
  Version: 6.0.200.2
  NPRuntime Script Plug-in Library for Java(TM) Deploy
  MIME Type      Description      Suffixes
  application/java-deployment-toolkit           
  Plus a lot more plugins not from Java.
  Best regards

• "The certificate is not trusted because no issuer chain was provided" error in all browsers for all websites.

  As it says, Chrome, Firefox, and Internet Explorer all give the certificate error message for any and every website attempted - including the Firefox add-ons page. The specific error is the "no issuer chain was provided".
  1) This problem is not on my computer - it is on my mother's computer in another city. Therefore, I cannot attempt every little possibility without flying over there - I'm looking for things I can tell her to do over the phone. The problem started today. I've already given her the list of anti-malware programs to go install and run from here:
  https://support.mozilla.org/en-US/questions/982393
  Note that, of course, she will have to accept the security certificate override to get to these things - I hope this isn't bad.
  2) The problem started after she tried to use Skype, it hung for a very long time and would never log on. So she tried to reinstall it - and she said she clicked through a number of agreement screens and believes she may have installed malicious 3rd party software. This is ridiculous, is Skype now putting malware on people's computers through these bogus 3rd party add-ons at installation? I suppose it is possible Skype was hanging because of some other problem - but she did manage to reinstall Skype and got it to work (but now her internet certificates won't).
  3) She has BitDefender. I am aware that it says here:
  https://support.mozilla.org/en-US/kb/connection-untrusted-error-message
  that she should turn off SSL scanning. She turned it off, it did not solve the problem. She turned it off and restarted, it did not solve the problem. She has had it on for the past 6 months and it has never caused a problem.
  4) In addition, BitDefender reported today that it stopped a malicious program called MySearchDial.exe from attempting something it shouldn't. We went through this removal guide:
  http://malwaretips.com/blogs/start-mysearchdial-removal/
  however, the software MySearchDial was never actually installed into the windows install list, and we did not find any addons/plugins in any of the browser lists (note that Firefox add-ons cannot be accessed with a certificate error, it gives the error message but DOES NOT give you the option to add an exception so you can't access the add-ons). The only thing we found was (a) MySearchDial was default in the IE search engine list, despite there being no add-on, and (b) MySearchDial.exe was in the temp folder (now deleted). I note that I had BitDefender scan the temp folder *before* I deleted MySearchDial.exe, and it claimed no threats were found. What? It was BitDefender that warned me of it in the first place!
  5) Time and date are correct.
  6) Checked the Win 7 install log, only Skype, Skype Click-to-Call, and (for some reason) Mircosoft Visual Studio 2010 and Visual C++ were installed or altered today. I got paranoid about Click-to-call and asked her to uninstall it, but it didn't solve the problem.
  7) The OS is Win7 64bit Home.
  Anything beyond endless Malware removal programs (via list linked above) that we should try?

  The only way to know what is going on is to retrieve the certificate and check who is the issuer.<br />
  It is always possible that the server doesn't send the full certificate chain (intermediate certificates), so it might help to post a link to this website
  Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
  Check out why the site is untrusted and click "Technical Details to expand this section.<br>If the certificate is not trusted because no issuer chain was provided (sec_error_unknown_issuer) then see if you can install this intermediate certificate from another source.
  You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
  *Click the link at the bottom of the error page: "I Understand the Risks"
  Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
  *Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.
  You can see more Details like intermediate certificates that are used in the Details pane.
  If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".
  *Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.
  *Note that it is not recommended to add a permanent exception in cases like this, so only use it to inspect the certificate.

• Safari, chrome and firefox cannot verify identity of secure websites after upgrading to 10.7.4,  apple engineers have tried multiple things including operating system with no success

  safari, chrome and firefox cannot verify identity of secure websites after upgrading to 10.7.4,  apple engineers have tried multiple things including operating system with no success

  There are several threads about this problem, most notably one called 'Invalid Certificates' is over 4 pages long.  Many of us have experienced difficulty connecting to banking and other secure sites.  On my Macbook Pro, I cannot get to my banking site with any browser, however I can get there on my iMac using Safari, but get the 'Invalid Certificate' notice with FF and Chrome.  The problem started after the installation of 10.7.4.  I have sent a message to Apple--they will be dismayed to hear that I cannot complete an order at their online store!

• I am getting the sec_error_bad_der error when accessing a site. This was working fine but now comes up with this error. Chrome and IE work Fine but Firefox show

  I using IBM Flex hardware and firefox is the recommended browser. I cannot access one of the IO modules in the chassis I get the error sec_error_bad_der and problem loading page. Other IO modules are fine and it works in IE and Chrome I have uninstalled and reinstalled the browser. Please can you assist.

  I had to look that one up: [http://pic.dhe.ibm.com/infocenter/flexsys/information/index.jsp?topic=%2Fcom.ibm.acc.8721.doc%2Fio_modules.html]
  That error normally refers to an ssl cert error. Does the cert for that particular node use ssl3? [http://pic.dhe.ibm.com/infocenter/flexsys/information/index.jsp?topic=%2Fcom.ibm.acc.8731.doc%2Ftroubleshooting_mobile_system_management_app.html] or is it different from the others?
  Manage the stored cert from the Pafe Info (right click) Security > View Certificate.