HTST Youtube certificate problems

Chrome, Firefox, Edge cannot access www.youtube.com on any domain computer.

Your connection is not private
NET::ERR_CERT_COMMON_NAME_INVALID

Cerfiticate issued by: Starfield Secure Certificate Authority - G2

Not a date/time problem

Site accessable when booted to safe mode.

Disabling Firewall not effective
Donald YatesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
That's interesting because Starfield Secure Certificate Authority is from Godaddy.  But Youtube is secured by Google certificates.  You have something intercepting your connection.
btanExec ConsultantCommented:
There is some basic check suggested to sieve out any plugin or AV at fault, the worst case is malware in the machine or some man-in-the-middle (MiTM) hijacking the request leading to insecure http mode..and possibly redirect..

https://support.google.com/chrome/answer/6098869

But before that it would also means the certificate is not what is expected ad shared by expert. Example the certificate is not trusted because the issuer certificate is unknown. One possoblr reason is the server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.
https://support.google.com/chrome/forum/AAAAP1KN0B0s4GgP7s-Rgk/?hl=en
Donald YatesAuthor Commented:
Thanks all.  I'm thinking that McAfee is causing the problem but I haven't been able to nail it down and correct.  Too many moving parts.

McAfee's Web thingy runs as an extension but I've removed it from Chrome with no luck.

Running in the safe mode tells me it's on my side. Seems to only affect those sites running HTST.

Still grasping.  All help appreciated.
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

btanExec ConsultantCommented:
Best is reinstall the browser or go to last restore point. But if you are referring to McAfee webadvisor appl then hopefully this helps if you have not chanced upon it.

 https://service.mcafee.com/webcenter/portal/cp/home/articleview;jsessionid=6IFU_FgBCSQQYDee9QP1HqJS_xhuqY037NRFs9N25DtQegJCO-96!936929485!24720336?articleId=TS100162

Assuming if after reinstall and removal of add on, probably also delete hsts setting too and restart again the testing.

https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/
Donald YatesAuthor Commented:
I think it has to be something in the domain since all computers stopped accessing youtube at the same time. Which was about the same time I switched to McAfee.  However stopping McAfee on one computer didn't fix it so I'm thinking McAfee did something to the domain controller.  Any ideas??
btanExec ConsultantCommented:
Web control plugin is managed at DC but specifically for IE.
If enabled, the ENS option to Prevent users from uninstalling or disabling browser plugins prevents end users from disabling the ENS Web Control extensions only in IE. The hardening policy does not prevent end users from disabling ENS Web Control in Chrome or Firefox.
may not necessarily be AD if non IE.

https://kc.mcafee.com/corporate/index?page=content&id=KB87568
Donald YatesAuthor Commented:
Solved but not generally useful.   It was the ISP DNS blocking.  I was forwarding to them in the Domain DNS and splat.  Moved to 8.8.8.8 and all is well.  Again.  Just coincidence that they started blocking when I installed McAfee.  Aw well.


Thanks all.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Donald YatesAuthor Commented:
It was a really off the wall problem and you system wouldn't let me not select a best.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Chrome

From novice to tech pro — start learning today.