certificate errors - market website - Gen8, Gen9, Gen10 Q&A, Help & Troubleshooting

The new android market website is returning security certificate errors when I visit it in Internet explorer?
https://market.android.com/
Is this the correct address?
google shows this one and another, which also brings up security warnings.
http://www.android.com/market/free.html
anyone else getting this?
What is the actual official sites address?
cheers

The address you have is correct. No errors in Firefox.
Checked the cert and appears to have been signed by Google. Maybe IE doesn't recognize them as a signing authority.

hmmm, I just tried it in chrome and its ok,
odd, yesterday it was working fine in IE...
cheers.

last night I noticed my the standard Android browser on my Archos 70 was giving me security warnings when browsing to market.android.com. I could ignore them though. Complaint was that Google had signed the certificate, not Android.
The market seems to be hastily put on-line. I'm sure it will clear up in a few days.
Probably wouldn't hurt to post a bug report. I see there are already several in the forum. Just search for certificate.
https://market.android.com/support/bin/answer.py?hl=en&answer=136634

No problem with FireFox but Archos's Device could not install any app from https://market.android.com/

Related

Cert not installing?

OK. I've app unlocked my phone as per post 188 here -> http://forum.xda-developers.com/showthread.php?t=372717 (Thanks Erofich) and now when I try and install my server certificate I no longer get the message that my I don't have permission but I don't get the message saying it's been installed either (nothing seems to happen) and I still get a cert error when I try and sync. Any ideas?
Thanks
If you have changed the 1017 policy to 144, then it should allow it.
You dont get a confirmation message on installation though. So check settings, security, certificates, root certificates to make sure it has gone into the right place.
If its there and you get the error then the cert doesnt match the server...
Thanks. The cert is there.
It is the same cert I have been using successfully on my Ameo (where you do get a confirmation message) so I'm now stumped
Its definitely in the root certs?
I would start at the beginning and double check server name and sync settings on device.
Its definitely in the root certs.
The name on the cert is the server name I connect to and everything 'seems' fine, but I still get 0x80072F0D invalid cert.
I downloaded the cert from my certsrv and have double checked my ActiveSync settings and confirmed the server name, user name, password and domain.
Anything else I can check?
Thanks
Hmmm... as long as you are using the FQDN for the server, then there is no reason for it not to work.
I wonder if you delete the partnership and recreate it (now the certificate is installed) it might help?
Deleted the account and tried again. Still no joy. And I am using the FQDN.
I'm hopefully going to update to WM6 over the w/e so will try again then.
Thanks for your help.
Ah... I thought you might have already done the WM6 thing. It does resolve some issues like this.
I just flashed an 8500 to WM6 this week using the guides here and it went fine (as did exchange syncing).
Well...
Just upgraded to WM6 and still the same problem
Do you have access to the server itself? Or is it a work/hosted server?
If its your own server, you could try a fresh cert export (just in case yours is in the wrong format) by opening up an MMC and Add a SnapIn - Certificates, select Local Machine. In the Personal Folder, export the Root trusted cert that you are using for your SSL. Export it in the DEP x.509 cert format. Copy it to your PPC and
click on it to install it.
OK - went to server and my FQDN was in my root certs 3 times!
I exported all 3 and imported to phone and it's now happily syncing away.
Many thanks for all your help and your clear instruction s on how to export my certs. So simple even I could follow them.
Now running WM6 AKU 0.5 - pity you can't get it in English but I can understand American.
Thanks again for all your help.
Superb news.
Most people have problems with just one certificate!
That's what I like about this site - not only are people amaisingly helpful, but they seem genuinely pleased when a problem gets resolved
Thanks again
Hi folks,
sorry for being late, i think I can point you to the right direction:
As per Daniel Melanchton (german MVP for Mobile Devices), you need two certificates. One ist the cert for the server and one is the root cert. The root cert is needed for the mobile device checks also the origin of your cert (in german called "Zertifzierungstelle" e.g. Thawte). There's a perfect documentation floating around in the web, but it's only in available in german (called ex2k3_clientzugriff_1.wmv). He shows how to set up your mobile device and how to get the certs by exporting them from internet explorer using outlook web access.
Best regards,
tsfnet
tsfnet said:
As per Daniel Melanchton (german MVP for Mobile Devices)
Click to expand...
Click to collapse
Just a small correction
Daniel has never been MVP for mobile devices. He was MVP for Exchange Server and is now working for MS.
Bye
OK - so which one of you two is going to translate ex2k3_clientzugriff_1.wmv into English for us?
äääähhhhmmmmm,
i'll try to provide a pdf with screenshots and explanation if this would help. But this will take some time as i am in heavy business at the moment due to changing our erp-software at work.
He actually got it working about three days ago.
tsfnet said:
due to changing our erp-software at work.
Click to expand...
Click to collapse
What from and too? we're looking at Dynamics AX because they're too cheap to get JDE...
unwired4 said:
He actually got it working about three days ago.
Click to expand...
Click to collapse
yep, i know, but it could be helpful for other users, couldn't it ?
I just love people tributing to this forum AFTER solving their problem and not just "hey, it works now, perfect, thanks and bye forever" (maybe that's too hard, i know a lot of users do contribute a lot and spend a lot of time after solving their problem).
We need to understand why it works now. Do you know the difference between a cert and a root cert ? If you know it, you don't run into the same problem. That's why i will provide a simple pdf about installing the needed certs on your mobile device for acceesing an exchange server with ssl.

Applications I never dowloaded

First off,
Sorry moderators If I choose the wrong subforum to post
Today, I was warned by Google about some behavior with my account and suggested to change my pass. I thought was due my 3G experiments and new IP etc.
Later, testing everything was alright I see a Samsung tablet added to my Play account on November 22, 2012, but don't have one. Only had Motorola and all the time.
Then, I saw my Google account was accessed from Russia but also from United States. And I'm not living there, neither two countries. I see US was the first external Country added to my activity report along November, and Russia was added on December.
The strange thing is Gmail not displaying any strange IP, only local IPs from my computers and phone.
Minutes ago, checking what was download from Market I've found lot applications I never installed. Adults and Games applications.
Do you think this can be because some android apps?
I never downloaded from other sources than market but used custom roms form this lovely forum.
Do you think it's some kind of market problem when devices are identified?
I would like to remove that apps not downloaded by me and the device itself. But seems there is no way to do that.
Any ideas will be really appreciated.
First of all, I would recommend you stop experimenting with your IP . Secondly, you can remove the downloaded apps from the Play Store list but it's a time-consuming process.
1. Open Play Store.
2.Press the Menu button and select My Apps(Phone) or click the Download icon(Tablet).
3.Click the All Tab.
4.Next to each app, there should be a cross or some other icon.
5.Click it and the app shall be removed from your download list.
6.Celebrate !
7.Hit thanks if it helped :thumbup:
Sent from my Xperia Pro using xda app-developers app
Hi,
Thanks for the advice about IP. But this should not be a problem.
This probes how stupid become some companies within time. And we accept his stupidity.
How Google allows connections to your account form a different country than the one you're living?
Small companies have this security option by default.
Two steps verification is one option but not the final solution. This is basis 101. Now I know Facebook or Yahoo are a lot safe.
Now the problem is to remove from my account the android device I don't have.
Some friend says Facebook only needs a search engine to kill any players and seems he is right. I'm very disappointed by Google and unfortunately I have to stick with or move away to Apple.
Linuxser said:
Hi,
Thanks for the advice about IP. But this should not be a problem.
This probes how stupid become some companies within time. And we accept his stupidity.
How Google allows connections to your account form a different country than the one you're living?
Small companies have this security option by default.
Two steps verification is one option but not the final solution. This is basis 101. Now I know Facebook or Yahoo are a lot safe.
Now the problem is to remove from my account the android device I don't have.
Some friend says Facebook only needs a search engine to kill any players and seems he is right. I'm very disappointed by Google and unfortunately I have to stick with or move away to Apple.
Click to expand...
Click to collapse
Whoa man! No need to take such quick actions due to some small flaws Google allows the access because you were still using your phone which is synced to your Google account during the process of testing your 3G and changing IP.

Opt out plugins for Google Analytics in PC browsers (and maybe mobile?)

I know this is a little off topic for the Evo 3D forums and even for XDA, but I thought it is worth sharing here since we all use PC's of some sort.
The browsers (Chrome and IE) on my PC were really sluggish today and I happened to notice that when my mouse was hovering over the screen there was a message at the bottom of the screen saying that it was waiting on the Google Analytics website.
I'm not sure if their servers are having problems or just overloaded today but I suspected that might be the cause for my browsers' sluggishness so I did a Google search and found this page that has plugins available to opt out for most of the PC based browsers. I'm not sure why browsers other than Chrome need plugins but I'm guessing it's because Google's websites force that data collection. Although I mostly use Chrome these days, you really need to keep IE around on a Windows system for compatibility with some websites and apps.
I've installed the plugins for Chrome and IE and my browsers seem to be faster, and I feel a little better about my privacy.
Edit: Apparently at least some these plugins have been available for almost three years. I'm glad I finally found them as I for one don't want to be waiting for a response from websites I use while Google is collecting statistics.
Hmmm...
I wonder if there are similar plugins or settings for mobile browsers that might bring this thread back on topic?
ramjet73
Thanks for sharing! That helped my firefox speed.
Update
I should have known it wasn't going to be that easy to opt out of Google Analytics using the Chrome browser.
After installing the plugins linked in the OP I was still seeing "waiting for www.google-analytics.com' at the bottom of the Chrome window. I'm not sure what exactly the plugin does but apparently it doesn't block code in a web page that explicitly accesses the JavaScript code on the GA website.
My next step was to add entries in my host file to redirect the GA URL's to localhost (127.0.0.1) and that just caused delays while the browser timed out waiting for a response from GA.
Finally I figured out how to create a manual filter in the Adblock extension to block access to the specific URL being used for the javascript code on the GA sever and that seems to have worked.
Now I need to figure out what is required to do the equivalent in the mobile browsers.
Any ideas?
ramjet73

I think I found a virus in an apk I downloaded here, I need some help

Yesterday I downloaded an apk from this thread https://forum.xda-developers.com/showthread.php?t=714116, I thought it should be relatively safe as it was from 2010 and no one said anything in that thread regarding it, but as soon as I installed it I received a confirmation code from Google for authentication on another phone as this wasn't my main phone.
The apk I downloaded was the one posted by "kokenjr" on 18th October 2010, the 5th reply on that page, for "extracting the full shazam database of tags".
Could anyone investigate that apk and see what is actually inside it? I didn't know it was possible for it to get the password for the account on the phone, but it seems it instantly got it and sent it somewhere and a login was immediately attempted. And a lot of people downloaded that apk. I tried scanning the file online for viruses but it returned nothing so I think it may be something undetected.
Also what was strange is that I received a Duo voice call about half an hour later from "[email protected]" which I'm fairly confident is related to this as I never received duo calls from unknown sources.
Another question I would have is, should a factory reset of the phone clear it out or could it still be there? Also, if someone investigates it, I'm interested in what it was able to do and if I should be worried about it getting in the google cloud stuff.
I'm not really sure how severe this virus is, but as it's still there on the page and someone is listening and trying to hack accounts with it and maybe many others, someone should look into it
Thank you very much
p.s. I used this account to post as I created it a long while ago to download something from here.
@Thisthename
I looked inside the APK
The app in question is just a SQLite database viewer: the database it works on is stored as
/data/data/com.shazam.android/databases/library.db - I think
jwoegerbauer said:
@Thisthename
I looked inside the APK
The app in question is just a SQLite database viewer: the database it works on is stored as
/data/data/com.shazam.android/databases/library.db - I think
Click to expand...
Click to collapse
@jwoegerbauer I really don't expect the cause to be anything else, as I mentioned above, the minute I saved the app on the phone and installed it, that is when I received the Google verification code and I didn't do anything regarding my google account or something like that, only browsing some websites to see how to extract the shazam tags, nothing shady and nothing else that I think could have an impact on this. And the coincidence is just insane.
Also, technically, even if it was something a factory reset should have most likely solved it right?

Archos 101 G8 - browsing is broken

Hi,
I've just taken a 101-G8 out of its box after about 10 years. I was pleased to find it was still in working conditions, was able to connect it to the wifi, use the installed apps, but trouble started when I tried to browse (using the pre-installed Dolphin browser). Almost all sites give me the 'Web page not available' message. After some trials I found that accessing http version instead of https would work, if the site didn't force a redirect. So I suspect a certificate issue, but I have no clue how to update them. Then I found out that the AppsLib and Market apps are no longer supported, so I can't update or install new apps.
After reading the forums, I know I could try to upgrade Android to something like 4.0 (via Cyanogen), but I'm not even sure this would fix my browsing issues, which is all I need right now (I'd like to use it for my kids to access the doodlelearning.com website). Any advice for me?
Thanks!

Categories

Resources