cancel
Showing results for 
Search instead for 
Did you mean: 

Certificated Error - Access certain sites - login.live.com blocked

hallyfrog
I've been here awhile

Last night I reported an issue with Ignite Internet (started happening mid day on Feb 13) via chat support. 

 

Issue: any Microsoft website (onedrive.com or my onedrive service, outlook.com, technet, etc.)  complained about a certificate that wasn't trusted, and Microsoft disallowed the connection.  The certificate was a Rogers certificate.  When I accessed same Microsoft sites from my cell phone/network (no wifi) they all worked fine. 

 

It was escalated from original rep to Ignite support, then Ignite rep had me do some tracert's, an ipconfig and send output back.  From results, he felt it was a problem on Rogers side and escalated to engineering.  Nothing in last 24 hrs so I continued troubleshooting.

 

MY RESULTS

Noticed every MS site I accessed uses login.live.com first (assuming to authenticate me).  It was login.live.com that complained about invalid certificate or someone hacking the connection (paraphrasing).  So I did bunch of tracert's my own, finally executed a tracert login.live.com then low and behold instead of it resolving to a Microsoft name/ip, similar to other sites... it resolved to ignitewifiblock.rogers.com.

 

So I disabled Protected Browsing option on the Ignite router and bingo all started working again.

 

Could Rogers Ignite Service be blocking login.live.com which looks to be Microsoft's authentication service?

 

***Added Labels***

10 REPLIES 10

Re: Certificated Error - Access certain sites - login.live.com blocked

RogersAndy
Retired Moderator
Retired Moderator

Hey @hallyfrog!

 

Welcome to the Community!

 

Thanks so much for bringing this to our attention! I haven't personally seen anyone else be impacted by this particular issue but having it here in the forums is a great start to build awareness should it become an issue.

 

Has anyone else in the community experienced any issues visiting Microsoft sites? Let us know here :).

 

@RogersAndy

Re: Certificated Error - Access certain sites - login.live.com blocked

I have the same problem. Pretty much started on the same day as the previous writer. What do I have to do to disable the "safety " feature its driving me nuts.

Re: Certificated Error - Access certain sites - login.live.com blocked

mbahire
I've been here awhile

I have the same issue and I would imagine many others will as well. They just aren't technical enough to have determined that Rogers is the cause not Microsoft.

Detail:

Troubleshooting comes up with the same root cause.

Rogers ignite is blocking access to login.live.com via the browser. What is worse, is that is also blocks the app from signing in and syncing. 

After turning off protected browsing, access online works .

Sync still says 'network not available'. I will reboot to see if that resolves things.

Re: Certificated Error - Access certain sites - login.live.com blocked

mbahire
I've been here awhile
Just to add, sync worked up until 2/7/2020 I assume that is where the protected browser settings changed/kicked in that blocked login.live.com...

Also, sync is now working after turning off protected browsing.

I like the idea of protected browsing, but I really need onenote for work.

Re: Certificated Error - Access certain sites - login.live.com blocked

Good morning Community!

 

We've attempted to replicate this issue from here but were unsuccessful. 

 

Since this seems to be certificate related, has anyone yet tried to delete this particular certificate to see if their browser will retrieve a new one that allows them to reach the site?

 

Has anyone noticed if any other sites other than login.live.com are impacted? Please let us know.

 

 

Regards,

RogersCorey

Re: Certificated Error - Access certain sites - login.live.com blocked

mbahire
I've been here awhile

I actually do not think this is certificate related. The certificate error is coming back because the rogers browser protection is redirecting the page to the Rogers Blocked Page and the browser is throwing the error because what it was expecting was a secure page and the Rogers Blocked Page is self certifying. When I accept the risks it then shows the Rogers page.

 

Going back to the root issue, I have 2 factor authentication on. The part where the error is thrown I believe is after you enter your email address and before it indicates that it sent the authentication request.

 

I authenticated and set remember me... I am going to turn protected browsing back on and see what happens. I'll get specific details on where it fails.

Re: Certificated Error - Access certain sites - login.live.com blocked

mbahire
I've been here awhile

Turned on Protected Browsing and hit the same issue: 

Steps to reproduce :

pre-requisite : 2 factor authentication set

1. go to onenote.com, click sign on

2. enter email address click ok

 

Expected result : message from microsoft indicating that authentication request sent (should then ping mobile to accept request and enter code).

 

Actual result : Browser error

Did Not Connect: Potential Security Issue

Firefox detected a potential security threat and did not continue to login.live.com because this website requires a secure connection.

login.live.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.

 

When click advanced you see that the certificate is actually Roger's certificate (from the protected error page) due to the redirect when the browser was expected to still be going to login.live.com.

 

So this is happening in the network by protected browsing not at the browser/client level.

 

Re: Certificated Error - Access certain sites - login.live.com blocked

hallyfrog
I've been here awhile

@RogersAndy  can we escalate?  The replies to this thread show I'm not the only one experiencing the issue.  Customers shouldn't have to disable Protected Browsing to leverage one of the more highly used and reputable sites on the internet (Microsoft). 

 

Sure other customers are experiencing this as well, possibly less technical than those of us replying or don't have the time to work through it with customer service / support.  Took me over hour and 3 tiers of service to report it.  Got an update via text the other day saying my Ignite TV issue (after all that it's classified as a TV issue not internet) is still pending investigation almost a week later.

 

Re: Certificated Error - Access certain sites - login.live.com blocked

hallyfrog
I've been here awhile
This was exactly my troubleshooting experience as well @mbahire. Believe I had to restart to at min get the onedrive sync working again.

Re: Certificated Error - Access certain sites - login.live.com blocked

Good morning Community!

 

I think it would be prudent if we perform escalations and send tickets for this certificate error. I don't want any of our customers to be forced to disable protected browsing if there is an alternate solution. 

 

If you are impacted by this issue, please reach out to us @CommunityHelps via PM. If you're not familiar with our PMing process, you can find instructions here.

 

Regards,

RogersCorey

Topic Stats
  • 10 replies
  • 4471 views
  • 0 Likes
  • 5 in conversation