01-29-14 05:20 PM
35 12
tools
  1. bhrgvr's Avatar
    have he latest leak running on my STL100-1 and when the battery runs out completely and it boots up the first thing that I see is the following screens... Provider Identity Not Verifiable-img_20140125_060741.png

    When I click on details... I get this:

    Provider Identity Not Verifiable-img_20140125_060750.png
    Provider Identity Not Verifiable-img_20140125_060756.png
    Provider Identity Not Verifiable-img_20140125_060803.png

    Any Idea whats going on?
    01-25-14 10:14 AM
  2. just_luc's Avatar
    It's popped up a time or two on my device as well, usually when i'm in an area of poor signal coverage or on a wifi network that isn't working properly.. doesn't seem to cause any issues though, I just dismiss it.
    01-25-14 11:28 AM
  3. bhrgvr's Avatar
    It's popped up a time or two on my device as well, usually when i'm in an area of poor signal coverage or on a wifi network that isn't working properly.. doesn't seem to cause any issues though, I just dismiss it.
    Interesting... my wi-fi coverage is pretty good at home. maybe it takes a little while to get the certs from google...

    Posted via CB10.
    01-25-14 11:33 AM
  4. jpvj's Avatar
    What is the server name for your Google account? (Account -> Advanced).

    The certificate is downloaded for sure - otherwise it could not be checked and it verifies fine according to the screenshots.



    Posted via CB10
    01-26-14 03:42 AM
  5. tickerguy's Avatar
    This warning is one of the things that distinguishes BlackBerry from the others (Android and IOS do NOT warn on this condition.)

    It means that the key last used to encipher the connection has CHANGED. The new key is valid according to the certificate chain, but it's DIFFERENT than the previous one.

    This can be normal, but it can ALSO implicate a MITM attack (such as by the NSA!)
    toobs623 likes this.
    01-26-14 10:28 AM
  6. bhrgvr's Avatar
    What is the server name for your Google account? (Account -> Advanced).

    The certificate is downloaded for sure - otherwise it could not be checked and it verifies fine according to the screenshots.



    Posted via CB10
    Shows www.google.com

    Posted via CB10.
    01-26-14 02:36 PM
  7. bhrgvr's Avatar
    This warning is one of the things that distinguishes BlackBerry from the others (Android and IOS do NOT warn on this condition.)

    It means that the key last used to encipher the connection has CHANGED. The new key is valid according to the certificate chain, but it's DIFFERENT than the previous one.

    This can be normal, but it can ALSO implicate a MITM attack (such as by the NSA!)
    Uh oh... attack??? am I getting compromised someplace.

    Posted via CB10.
    01-26-14 02:37 PM
  8. mrjmc99's Avatar
    Maybe the system clock hasn't started up completely. The most common cert error that ive seen is the date/time being wrong. If you saw this once I would think that it was bad timing and the cert did expire and you hadn't downloaded the new cert or signing root.

    Posted via CB10, Z10STL100-4/10.2.1.1925
    01-26-14 05:55 PM
  9. jpvj's Avatar
    This warning is one of the things that distinguishes BlackBerry from the others (Android and IOS do NOT warn on this condition.)

    It means that the key last used to encipher the connection has CHANGED. The new key is valid according to the certificate chain, but it's DIFFERENT than the previous one.

    This can be normal, but it can ALSO implicate a MITM attack (such as by the NSA!)
    Hmmm... There are no keys being reused between SSL sessions when the app has been restarted. Are you thinking of "Reuse Session ID". This is normally used within a running instance of e.g. a browser, so different tabs/sessions to the same server does not have to do a full SSL handshake again. Since this happens *after a reboot* I will rule this out. Let me know if you are thinking of somehing else.

    The error shown is related to the SSL certificate validation which happens right after a few messages has been exchanged (e.g. the client sending supported ciphers to the server)
    .
    The certificate has been downloaded and the client will look at the certificate properties and perform basic validation such as making sure the URL matches the Issued to field, the Issued By field contains a Trusted Certificate Authority, expiration date looks good in the Valid From field, etc.

    The certificate at https://accounts.google.com has only 1 SAN (Subject Alternate Name) - accounts.google.com, so it makes completely sense if the email account shows Google as the hostname.

    Google resolves to approx 15 IP adreses and accounts.google.com resolves to a single IP (not identical to the 15 others).

    OP> Can you pls. post all account settings from the email account? (Pls. erase login info from the image).
    01-26-14 07:31 PM
  10. Branta's Avatar
    I'm pretty sure from the description that this is a simple timing problem at startup. The process which checks certificates is not giving the communication process time to connect fully, so it can't confirm the certificate is valid and not revoked.

    Sent from an Otterbox wrapped Samsung Galaxy.
    just_luc likes this.
    01-26-14 07:38 PM
  11. JRF_1986's Avatar
    Got this today. Also on a STL100-1 on 1925. Just dismissed it, hasn't been an issue.

    Posted via CB10 on my Q10
    01-27-14 12:44 AM
  12. bhrgvr's Avatar
    Got this today. Also on a STL100-1 on 1925. Just dismissed it, hasn't been an issue.

    Posted via CB10 on my Q10
    Yes it has not been an issue and I generally dismiss it. But I really wanted to know what this is all about.

    Posted via CB10.
    01-27-14 05:04 PM
  13. bhrgvr's Avatar
    Hmmm... There are no keys being reused between SSL sessions when the app has been restarted. Are you thinking of "Reuse Session ID". This is normally used within a running instance of e.g. a browser, so different tabs/sessions to the same server does not have to do a full SSL handshake again. Since this happens *after a reboot* I will rule this out. Let me know if you are thinking of somehing else.

    The error shown is related to the SSL certificate validation which happens right after a few messages has been exchanged (e.g. the client sending supported ciphers to the server)
    .
    The certificate has been downloaded and the client will look at the certificate properties and perform basic validation such as making sure the URL matches the Issued to field, the Issued By field contains a Trusted Certificate Authority, expiration date looks good in the Valid From field, etc.

    The certificate at https://accounts.google.com has only 1 SAN (Subject Alternate Name) - accounts.google.com, so it makes completely sense if the email account shows Google as the hostname.

    Google resolves to approx 15 IP adreses and accounts.google.com resolves to a single IP (not identical to the 15 others).

    OP> Can you pls. post all account settings from the email account? (Pls. erase login info from the image).
    Just taken the screen shots. Will upload the images after editing out the info.

    Posted via CB10.
    01-27-14 05:05 PM
  14. toobs623's Avatar
    Have you guys tried deleting the account and adding back with manual setup instead?

    Posted via CB10
    01-27-14 07:34 PM
  15. Naeg1995's Avatar
    the same message appears today on my Q10 but for a hotmail ..
    Why is this happening ?
    What should i press continue or cancel , cause with cancel it appears again ...
    01-28-14 06:16 AM
  16. jpvj's Avatar
    Strange - I had the same box popping up today.
    Nothing changed on my Exchange server or on the device.
    The message popped up about 15 minutes after I had reconnected to the mobile network, but the device was all the time connected to WiFi.

    Seems like a validation bug on the device as we now have several users sharing the same experience.
    01-28-14 06:33 AM
  17. msmilktoast's Avatar
    I also rec'd this msg for Hotmail on Z10. I chose continue and everything seems to be OK.

    Posted via CB10
    01-28-14 06:35 AM
  18. Naeg1995's Avatar
    its poping out all time , i can't open my accounts and doesn't let me put the passwords again in the fields .
    Something is going on hear ….
    01-28-14 06:53 AM
  19. Method_Man's Avatar
    Also getting this message now for hotmail (outlook.com) on a STA -5 z30.

    deleted the account and tried to re add, still same issue.

    For now just living without the account added, curious as to what is happening.
    01-28-14 07:00 AM
  20. Naeg1995's Avatar
    the same with me .
    Just deleted two accounts and can't bring them back ..
    What the hell is going on today ?
    01-28-14 07:31 AM
  21. trsbbs's Avatar
    If the email server does not have a certificate installed and your connecting via SSL you will get this.

    CB10 via Verizon Z10. 10.2.1.1925
    01-28-14 07:50 AM
  22. Naeg1995's Avatar
    If the email server does not have a certificate installed and your connecting via SSL you will get this.

    CB10 via Verizon Z10. 10.2.1.1925
    Yes but this suddenly happened to all of us today .Why ?
    01-28-14 08:06 AM
  23. Thannor's Avatar
    Just got this today on my Z30. Specifically after I turned on wi-fi and disabled the cellular radio to check for updates (unlocked phone with T-Mobile sim). My Hotmail was trying to do scheduled downloads at that time and the change of network must have triggered the cert window .

    Posted via Z30 from C10
    01-28-14 08:37 AM
  24. Thannor's Avatar
    Update: Found the answer. Went into settings >security>certificates and there are two Global Sign Root Ca certificates listed. One is no longer valid after today and the other one expires 14 years from today.

    Posted via Z30 from C10
    Naeg1995, bigbadben10 and kware84 like this.
    01-28-14 08:43 AM
  25. kb1234's Avatar
    Same here, this is weird

    8530 -> 9670 -> palm pre -> palm pixi -> 9850 -> 9930 -> iPhone 4 -> Z10(white) -> HTC One -> S3 -> S4 -> Q10 -> Z10(black)!!!!
    01-28-14 08:43 AM
35 12

Similar Threads

  1. Vidstitch Pro. Some pictures are not shown
    By geppo78 in forum Android Apps (Amazon Store & APK Files)
    Replies: 1
    Last Post: 01-25-14, 09:51 AM
LINK TO POST COPIED TO CLIPBOARD