1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Reply to: When will HMRC...

Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "When will HMRC..."

Collapse
  • centurian
    replied
    Originally posted by Lance View Post
    So let’s get this right. You trusted your clients PC setup more than gov.uk ssl cert?
    Personally I’d treat both with some caution.

    Do you use internet banking with clients PC?
    At ClientCo, they use SSL interception, but some sites (internet banking, NHS etc.) are on a whitelist for no interception.

    Leave a comment:

  • Lance
    replied
    Originally posted by centurian View Post
    Are they using SSL Interception, where the proxy spoofs the client cert so they can inspect the traffic and see if you are up to naughty things.

    To achieve this, they install new root certs on their estate. The proxy regenerates the website certs and signs them with the interceptor root. Maybe you don't have that root installed.

    What's the root cert in the chain - not the issuer as that could have been spoofed as well.
    Perhaps ever PC has the same error and they’re breeding bad user behaviour (ignoring cert errors).

    Leave a comment:

  • Lance
    replied
    Originally posted by Jog On View Post
    Must be a problem at clientco then
    So let’s get this right. You trusted your clients PC setup more than gov.uk ssl cert?
    Personally I’d treat both with some caution.

    Do you use internet banking with clients PC?

    Leave a comment:

  • centurian
    replied
    Originally posted by Jog On View Post
    Must be a problem at clientco then
    Are they using SSL Interception, where the proxy spoofs the client cert so they can inspect the traffic and see if you are up to naughty things.

    To achieve this, they install new root certs on their estate. The proxy regenerates the website certs and signs them with the interceptor root. Maybe you don't have that root installed.

    What's the root cert in the chain - not the issuer as that could have been spoofed as well.

    Leave a comment:

  • Jog On
    replied
    Must be a problem at clientco then

    Leave a comment:

  • SeanT
    replied
    Nowt wrong with it: https://www.ssllabs.com/ssltest/anal....33.144&latest

    Leave a comment:

  • Lance
    replied
    Originally posted by vwdan View Post
    Fine here. Cert valid, not revoked.

    Do you need to update your root CA's? Did you check it via any other means? SSL Labs is giving them an A+ rating which is normally an excellent start.

    (Amateurs indeed!)
    I don't think updating the root CAs will help. GlobalSign have been around year. Unless OP is using Windows 95 I think it's more likely that the OS or browser CA list has been modified. That would make the OS/browser untrusted rather than the website IMO.

    Leave a comment:

  • vwdan
    replied
    Fine here. Cert valid, not revoked.

    Do you need to update your root CA's? Did you check it via any other means? SSL Labs is giving them an A+ rating which is normally an excellent start.

    (Amateurs indeed!)

    Leave a comment:

  • Lance
    replied
    what's wrong with a cert with 9 months left to go?

    the question is why does your browser think the authority is invalid. Looks OK to me.

    Leave a comment:

  • Jog On
    started a topic When will HMRC...

    When will HMRC...

    Sort out their website certificate

    Bunch of amateurs!

    Your connection is not private
    Attackers might be trying to steal your information from www.gov.uk (for example, passwords, messages, or credit cards). Learn more
    NET::ERR_CERT_AUTHORITY_INVALID
    Subject: www.gov.uk

    Issuer: GlobalSign Organization Validation CA - SHA256 - G2

    Expires on: Oct 15, 2018

    Current date: Jan 18, 2018
    Tags: None

Advertisers

  1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
Working...
X