Community
Showing results for 
Search instead for 
Do you mean 
Reply

security certificate bad?

Administrator
Posts: 4,037
Country: United_Kingdom

Re: security certificate bad?

Could anyone who has experienced the error please confirm if they are also using any third-party addons for Act!?
Our support team have been able to troubleshoot this error with one customer, who was also using the Crystal Clear reporting addon. Disabling the addon stopped the errors from occurring.
Copper Contributor
Posts: 83
Country: USA

Re: security certificate bad?


@Gary W wrote:
Could anyone who has experienced the error please confirm if they are also using any third-party addons for Act!?
Our support team have been able to troubleshoot this error with one customer, who was also using the Crystal Clear reporting addon. Disabling the addon stopped the errors from occurring.

I do not have any third party add-ons - I do utilize a remote database, however.

Copper Contributor
Posts: 54
Country: USA

Re: security certificate bad?

I checked my logs, The Act! computer pulled a DNS lookup for radar.cedexis.com on 8/4 & 8/26, both times DNS responded back with an IP address of 0.0.0.0, so Act! went on it's merry way - no errors were reported.

So, for now, I'm going to blacklist cedexis.com & see how things go. 

 

In view of the fact, that Act! only pulled look-ups twice this month, I am guessing a url in the Social Update or Web Info tabs caused this issue.

Administrator
Posts: 271
Country: United States

Re: security certificate bad?

Based on the certificate message I agree it's either web_info/Social media or the welcome page.  I notified dev manager and IT manager, but we don't have a cert with them to my knowledge so I suspect it's indeed one of the web hosts that server pages for one of these sites had an issue and they resolved.

 

Is anyone still getting this Today as I I'm hearing from a few acc's that they can't repro anymore.

Nickel Super Contributor
Posts: 412
Country: Germany

Re: security certificate bad?

Not having the problem anymore (this is indeed so) doesn't acquit SPI from explaining the background of the problem. I have several customers on my heels asking for an explanation, as they assume yet that yet another tracking tool (this time hidden in ACT!) is collecting data without their consent. 

Andreas Schlesselmann
Melville-Schellmann GbR
Germany
www.melville-schellmann.de
Copper Contributor
Posts: 54
Country: USA

Re: security certificate bad?

Andreas,

If this was SPI's fault, I would agree, however, it is far from clear that it is their fault. Try running Act! on a stand-alone computer with an empty database and monitor your DNS log to see if this domain is accessed.

John

Administrator
Posts: 271
Country: United States

Re: security certificate bad?

At this time we are fairly certain it's related to one of the social media sites that referenced another site that had an expired certificate.  FWIW, we don't use godaddy.

Administrator
Posts: 4,037
Country: United_Kingdom

Re: security certificate bad?

To expand on Brian's previous post:

I dug out a web traffic monitoring tool and tested various areas in Act! to see if I could spot any requests being made to the cedexis.com domain. I've found that that loading a LinkedIn page will also cause requests to be made to radar.cedexis.com amongst others. This happens when you access it though the Web Info or Social Updates tabs in Act! (or any other web browser). They seem to be using the cedexis.com service as part of their analytics services. In practice this means that accessing Linkedin in any browser, will also inadvertently mean you're accessing radar.cedexis.com, along with Google's ad delivery network, and other CDNs that deliver the page content. You can see these requests happening in this screenshot below:

 

Fiddler_2017-08-29_17-15-47.png

 

I was not able to see any reference to cedexis.com domains in the requests Act! was making, without first loading a LinkedIn page in one of these tabs. Once the tab has been opened and the embedded web browser has loaded LinkedIn, the page remains open in the background of Act! until another page is opened in the same tab, or the program is closed.

From observing the requests made over time, it seems that LinkedIn occasionally triggers a re-check, where it makes another set of requests to the cedexis.com service. Because the page is still technically open in the background, this is likely the reason why the errors were being presented at seemingly random times while using Act!, when in fact it was just coincidence that LinkedIn was doing a re-check at that time.

Copper Contributor
Posts: 83
Country: USA

Re: security certificate bad?


@Gary W wrote:

To expand on Brian's previous post:

I dug out a web traffic monitoring tool and tested various areas in Act! to see if I could spot any requests being made to the cedexis.com domain. I've found that that loading a LinkedIn page will also cause requests to be made to radar.cedexis.com amongst others. This happens when you access it though the Web Info or Social Updates tabs in Act! (or any other web browser). They seem to be using the cedexis.com service as part of their analytics services. In practice this means that accessing Linkedin in any browser, will also inadvertently mean you're accessing radar.cedexis.com, along with Google's ad delivery network, and other CDNs that deliver the page content. You can see these requests happening in this screenshot below:

 <deleted image>

 

 

I was not able to see any reference to cedexis.com domains in the requests Act! was making, without first loading a LinkedIn page in one of these tabs. Once the tab has been opened and the embedded web browser has loaded LinkedIn, the page remains open in the background of Act! until another page is opened in the same tab, or the program is closed.

From observing the requests made over time, it seems that LinkedIn occasionally triggers a re-check, where it makes another set of requests to the cedexis.com service. Because the page is still technically open in the background, this is likely the reason why the errors were being presented at seemingly random times while using Act!, when in fact it was just coincidence that LinkedIn was doing a re-check at that time.



FWIW... I don't use the social media tabs - I don't have them installed/visible - so I'm curious as to what else could have caused it, because I don't use that feature.

Nickel Super Contributor
Posts: 412
Country: Germany

Re: security certificate bad?

Same for me and my customers. Social media tabs are not part of the layouts and my banking consultancy customer has blacklisted the social media sites additionally.

Andreas Schlesselmann
Melville-Schellmann GbR
Germany
www.melville-schellmann.de