Paypal.com SSL certificate invalid, issued to BitPay.com
Solution 1:
I don't think we need to say this, but do not accept that certificate.
Either something is wrong with your connection and you have a man in the middle, or something went terribly wrong on your browser, or some application server at PayPal was compromised.
Since everything looks normal from here, and the certificate is legitimate, don't trust whatever is on the other side.
Can you download the certificate and share it with us, out of curiosity?
Are you using a proxy somewhere? Even if you think you aren't, can you check your network and browser configuration to find it out? You may have malware installed or are using a rogue proxy.
Since the problem was fixed by changing the DNS server to Google's, I wonder what was your DNS server. It may have suffered a DNS cache poisoning, or RAM problems in the server may have mixed up cache entries. But I suspect the former: maybe your ISP has suffered an attack. The output of the host
or dig
commands, directed at the server, may be useful to debug.
dig www.paypal.com @8.8.8.8
dig www.paypal.com @(your DNS server)
host www.paypal.com 8.8.8.8
host www.paypal.com (your DNS server)
Also: if even your iPhone was having similar problems, the problem is most certainly in your ISP's DNS server. I'm not sure how effective it will be to warn them, but it may be a good idea.
Solution 2:
- On a trusted third-party computer that is not connected to your internet connection, download Ubuntu or something similar and slap it on a thumb drive or DVD.
- Boot this live operating system.
- Try to access PayPal from this environment
- Run
dig paypal.com
and post it here (not sure whetherdig
is available by default though)
If you still experience problems, it’s likely your router had its DNS services manipulated. This is possible when the router’s web interface has bugs which allow changing settings without authentication.
Sample output for comparison:
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> paypal.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27146
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;paypal.com. IN A
;; ANSWER SECTION:
paypal.com. 300 IN A 66.211.169.66
paypal.com. 300 IN A 66.211.169.3
;; Query time: 8 msec
;; SERVER: 108.59.15.5#53(108.59.15.5)
;; WHEN: Thu Jul 24 15:30:13 2014
;; MSG SIZE rcvd: 60
Last but not least, the redirect doesn’t make too much sense: After all, BitPay is not grabbing PayPal credentials.