2/2/14
Original Poster
Google userWhy do I keep getting SSL error/HSTS failure when I try to go to twitter?
3 Recommended AnswersHave you checked our known issues page? This lists the major known issues & solutions for Chrome.
Your issue not there? Please provide the following information & provide a description of your issue:
Chrome Version (type about:version into your omnibox): 32.0.1700.102 (Official Build 246481) m
Operating System (Windows 7/8/Vista/XP, Mac, Linux, Android, iOS): Windows 8
Extensions (type Chrome:extensions into your omnibox): add blocker, add to pocket
Issue description:
I haven't been able to visit twitter these past two days and receive this error when I try:
Cannot connect to the real twitter.com
Something is currently interfering with your secure connection to twitter.com.
Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.
If you were to visit twitter.com right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real twitter.com.
twitter.com normally uses encryption (SSL) to protect your information. When Chrome tried to connect to twitter.com this time, twitter.com returned unusual and incorrect credentials. Either an attacker is trying to pretend to be twitter.com, or a Wi-Fi login screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.
Network errors and attacks are usually temporary, so this page will probably work later. You can also try switching to another network.
Technical details
twitter.com has asked Chrome to block any certificates with errors, but the certificate that Chrome received during this connection attempt has an error.
Error type: HSTS failure
Subject: ssl.cdngc.net
Issuer: DigiCert High Assurance CA-3
Public key hashes: sha1/ae59qg2zFxaY3CjC5fxD4dN/YIg= sha256/V4k/5XLareqhqZ8s3CwhflYHUQ59IBcw1JagAzk+6So= sha1/lfnXQ0sc5x3vQhHua+PA4CVvrZU= sha256/emrYgpjLplsXa6OnqyXuj5BgQDPaapisB5WfVm+jrFQ= sha1/gzF+YoVCU9bXeDGQ7JGQVumRueM= sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=
Your issue not there? Please provide the following information & provide a description of your issue:
Chrome Version (type about:version into your omnibox): 32.0.1700.102 (Official Build 246481) m
Operating System (Windows 7/8/Vista/XP, Mac, Linux, Android, iOS): Windows 8
Extensions (type Chrome:extensions into your omnibox): add blocker, add to pocket
Issue description:
I haven't been able to visit twitter these past two days and receive this error when I try:
Cannot connect to the real twitter.com
Something is currently interfering with your secure connection to twitter.com.
Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.
If you were to visit twitter.com right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real twitter.com.
twitter.com normally uses encryption (SSL) to protect your information. When Chrome tried to connect to twitter.com this time, twitter.com returned unusual and incorrect credentials. Either an attacker is trying to pretend to be twitter.com, or a Wi-Fi login screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.
Network errors and attacks are usually temporary, so this page will probably work later. You can also try switching to another network.
Technical details
twitter.com has asked Chrome to block any certificates with errors, but the certificate that Chrome received during this connection attempt has an error.
Error type: HSTS failure
Subject: ssl.cdngc.net
Issuer: DigiCert High Assurance CA-3
Public key hashes: sha1/ae59qg2zFxaY3CjC5fxD4dN/YIg= sha256/V4k/5XLareqhqZ8s3CwhflYHUQ59IBcw1JagAzk+6So= sha1/lfnXQ0sc5x3vQhHua+PA4CVvrZU= sha256/emrYgpjLplsXa6OnqyXuj5BgQDPaapisB5WfVm+jrFQ= sha1/gzF+YoVCU9bXeDGQ7JGQVumRueM= sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=
Community content may not be verified or up-to-date. Learn more.
Recommended Answers (3)
4/14/14
agl chromiumPeople having problems accessing Twitter on Windows XP: you need Service Pack 3: http://support.microsoft.com/kb/322389
People having problems accessing Facebook:
If you are on Windows XP then it's fairly common for the root store to be incomplete. Try installing the update first: http://support.microsoft.com/kb/931125
In general, when reporting network errors, providing a net-internals log is very helpful: http://dev.chromium.org/for-testers/providing-network-details
2/25/14
agl chromiumKim: Chrome 33 has been found to trigger bugs in non-default
configurations of Kaspersky and ESET security software.
We recommend that users disable SSL scanning in these products. Even
when they work, SSL scanning bypasses Chrome's own certificate
security.
We believe that we have a partial workaround for the ESET bug which we
are planning to include in a future Chrome 33 update.
We do not currently have a workaround for the Kaspersky bug that
doesn't involve reducing the security of all Chrome users. As other
browsers deploy the same changes as in Chrome 33, they will also
trigger the same bug.
To fix ESET do:
Setup -> Advanced setup... -> Web and Email -> Web access protection
-> HTTP, HTTPS -> check "do not use HTTP protocol checking" and click
"OK".
To fix Kaspersky:
Settings -> Additional -> Network -> unclick "Scan encrypted connections"
configurations of Kaspersky and ESET security software.
We recommend that users disable SSL scanning in these products. Even
when they work, SSL scanning bypasses Chrome's own certificate
security.
We believe that we have a partial workaround for the ESET bug which we
are planning to include in a future Chrome 33 update.
We do not currently have a workaround for the Kaspersky bug that
doesn't involve reducing the security of all Chrome users. As other
browsers deploy the same changes as in Chrome 33, they will also
trigger the same bug.
To fix ESET do:
Setup -> Advanced setup... -> Web and Email -> Web access protection
-> HTTP, HTTPS -> check "do not use HTTP protocol checking" and click
"OK".
To fix Kaspersky:
Settings -> Additional -> Network -> unclick "Scan encrypted connections"
2/8/14
Hanan AmarMy g/f's laptop had this problem too, but with every ssl protected site I tried.
Buuut it turned out the internal clock reset itself after the being depraved of juice for too long, so windows thought it was 2009.
resetting the time/date fixed the HSTS failure issue.
thought it would be worth to leave this here in case this could help you or anybody else who might have the same iisue
Were these answers helpful?
How can we improve them?
All Replies (114)
2/3/14
agl chromiumGiven this in the error: "Subject: ssl.cdngc.net", it looks like the error is correct. Chrome is making a connection to www.twitter.com, but it's ending up in the wrong place.
It would seem that something on the network is intercepting connections to Twitter and breaking it. You *could* try using a different browser, which won't have the same level of security, to see what happens but don't trust the the resulting site is actually Twitter.
2/8/14
Hanan AmarMy g/f's laptop had this problem too, but with every ssl protected site I tried.
Buuut it turned out the internal clock reset itself after the being depraved of juice for too long, so windows thought it was 2009.
resetting the time/date fixed the HSTS failure issue.
thought it would be worth to leave this here in case this could help you or anybody else who might have the same iisue
2/9/14
KV-GooglistI had the exact same errors. Checked my clock setting. It was showing January instead of February. Set it to the right date, the problem disappeared. Thank you!!!
2/13/14
AP ApidcYes - i too faced the same problem - but it rectified by simple changing the Date.
2/21/14
Priyanka ChhedaMake sure your system time and date is correct. I was facing the same issue. Updating time and date solved the issue. Hope this helps.
108 MORE
10/8/14
Sylv10What can I do to rid myself of this problem? SSL connection error.
This question is locked and replying has been disabled. Still have questions? Ask the Help Community.
Badges
Some community members might have badges that indicate their identity or level of participation in a community.
Community content may not be verified or up-to-date. Learn more.
Levels
Member levels indicate a user's level of participation in a forum. The greater the participation, the higher the level. Everyone starts at level 1 and can rise to level 10. These activities can increase your level in a forum:
- Post an answer.
- Having your answer selected as the best answer.
- Having your post rated as helpful.
- Vote up a post.
- Correctly mark a topic or post as abuse.
Having a post marked and removed as abuse will slow a user's advance in levels.
View profile in forum?
To view this member's profile, you need to leave the current Help page.
Report abuse in forum?
This comment originated in the Google Product Forum. To report abuse, you need to leave the current Help page.
Reply in forum?
This comment originated in the Google Product Forum. To reply, you need to leave the current Help page.