Koodo Community

Community

Solved

Privacy error while making a payment


I tried to make a payment using the web self serve portal but my browser stopped me. This occurred after I entered the payment amount (first step, pressed a button that says "Next"). While using an up to date version of Chrome, I got a "Your connection is not private" error page with an error of NET::ERR_CERT_AUTHORITY_INVALID.

Here's the advanced message:
This server could not prove that it is pay2.koodomobile.com its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.

22 replies

you need to trust security certificate of  pay2.koodomobile.com first, otherwise your access is not safe and will be blocked, here is the link help you to fix it:

http://www.toppctech.com/fix-net-err-cert-authority-invalid-error/

Philip Song wrote:

you need to trust security certificate of  pay2.koodomobile.com first, otherwise y...

This is a really bad idea. See my full reply below.
Philip Song wrote:

you need to trust security certificate of  pay2.koodomobile.com first, otherwise y...

I believe I've uncovered the whole story now and this fix is reasonable (when you know all the details). See my last post. Manually trusting certificates is generally a bad idea though.
Userlevel 7
Badge +4
@ Nathan, per Phillip above this is a "browser" error message not one coming from Koodo. Follow his recco and it should be alright.
Bernard wrote:

@ Nathan, per Phillip above this is a "browser" error message not one coming from Koodo. Follow h...

"should be alright" eh?
Bernard wrote:

@ Nathan, per Phillip above this is a "browser" error message not one coming from Koodo. Follow h...

How do I mark this question as "Not Answered"?
Userlevel 7
Badge +4
Bernard wrote:

@ Nathan, per Phillip above this is a "browser" error message not one coming from Koodo. Follow h...

You don't, a forum moderator will do so at their discretion. Just because you dont like an answer doesn't mean it's not answered. Please don't mistake my reply as being rude. Just stating a fact. Best of luck.
"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-signed certificate by a third party wanting to steal my credit card information. If you run into this error, please don't follow the suggestion in Philip's reply unless we've got more information.
Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

No, I don't agree with you.

the SSL certificate is help you to protect your credit card information.  please read the following article :
https://www.sslshopper.com/why-ssl-the-purpose-of-using-ssl-certificates.html

Every E-commence website have to install ssl certificate to protect customer's sensitive information. And customer has to trust their certificate then begin online shopping.

 
Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

You're right that SSL certificates are best practice for e-commerce sites. SSL certificates enable us to have https connections. However, we don't have to manually trust each site's certificate. Have you ever gone to Amazon.ca to purchase something and been forced to trust a certificate?

We don't have to trust each individual certificate because there are organizations called certificate authorities that digitally sign certificates. Chrome and other browsers know about these established certificate authorities and accept them. When something is wrong with the certificate (a bad signature or an untrusted certificate authority), then Chrome shows the warning page I've been seeing.

The lesson: Don't trust certificates that Chrome doesn't trust automatically. There's a good reason that Chrome throws that warning page at you. I will look for alternate payment methods if Koodo doesn't get this fixed soon.
Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

Our SSL certificate is issued by Symantec, a Trusted CA. 

Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

Okay, that's good. Do you know why Chrome is displaying the untrusted CA error then?
Userlevel 7
Badge +4
Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

The comments in the first link@Philip Song posted offer a long, but likely incomplete, list of clashes with SSL certificates. Possibly those examples might begin to give you some direction for a search.
Nathan Feaver wrote:

"Just trusting the certificate" is a really bad idea. For all I know, the certificate is a self-s...

I'm not sure I follow you@David. Do you mean the list of Chrome errors, starting with net::err_cert_authority_invalid? I understand what the error is and when it would be displayed in general. I'm not understanding why other people don't seem to be seeing the same error and what Koodo is doing to make sure their SSL certificates (and secure connections) are properly set up.
Userlevel 7
Badge +4
There's a lot of different paying methods you can use if you don't want to use the one above : http://help.koodomobile.com/my-bill/billing-and-payment-options/how-can-i-pay-my-bill

But I never had any true problems with Koodo.
Userlevel 3
My chrome browser is up to date, just made a payment online and never got that error message from koodo. Otherwise I likely would have questioned it too. Maybe it's something on your end? 
This reply was created from a merged topic originally titled Privacy Error While Making a Payment. My question is marked as "Answered" but it is definitely not answered. Hopefully this one will get another round of attention. The original question: https://community.koodomobile.com/koodo/topics/privacy-error-while-making-a-payment
Userlevel 7
Badge +4
Nathan Feaver wrote:

[i]This reply was created from a merged topic originally titled [url=https://community.koodomobil...

I think the better question here is to ask Google why Chrome is rejecting the valid certificate. As nobody else has complained of this issue, it doesn't seem to affect most customers.

What about other browsers? Do you get any warnings there? Is the connection identified as secure?
Okay, I asked a guy at work who knows his stuff:

I'm likely seeing a certificate error because there's an intermediate certificate that my computer doesn't have and Koodo is only sending their certificate to the client (or a partial chain of certificates). Source: https://www.ssllabs.com/ssltest/analyze.html?d=pay2.koodomobile.com.

Others who don't see the warning page have browsers that are automatically fetching intermediate certificates or have them cached.

https://en.wikipedia.org/wiki/Intermediate_Certificate_Authority

I'm frustrated that Koodo doesn't have their server configured to automatically provide all of the needed certificates. I'm also disappointed that no Koodo representative provided a reasonable explanation and solution.

For people that are following along: My conclusion is that the certificate is safe to trust (manually, using the method referenced by Philip Song) because the warning is because of a misconfigured server and not because of an insecure certificate (given the SSL Labs' B ranking).
Userlevel 7
Badge +4
Nathan Feaver wrote:

Okay, I asked a guy at work who knows his stuff:

I'm likely seeing a certificate error because t...

Thanks for the update.
Nathan Feaver wrote:

Okay, I asked a guy at work who knows his stuff:

I'm likely seeing a certificate error because t...

@Nathan, Could you please  clear your cache and try again?  Your problem should  disappeare now.
Nathan Feaver wrote:

Okay, I asked a guy at work who knows his stuff:

I'm likely seeing a certificate error because t...

You're right. That fixed it. Thanks! This is a much better solution.

Reply