Facebook - SSL Certificate - Popup Message RRS feed

  • Question

  • I installed EMET because some guy on the Katie Couric Show said everyone needed it for security.  I know almost nothing about how to use it.  I keep getting the following popup message (I think I captured it correctly - it won't stay up very long at a time.)  Do I need to be concerned about this message?

    EMET detected that the SSL certificate for **.facebook.com* is not trusted by the rule "FacebookCA" associated with the domain *www.facebook.com." 

    Monday, March 3, 2014 9:51 PM

All replies

  • I'm guessing you installed EMET version 4, not the newer 4.1 that doesn't do this.

    EMET uses something called certificate pinning whereby it matches up the certificate for a site.  In version 4 the facebook cert rule has an expiration date of 12/31/2013.

    Uninstall what you installed, install this one instead:  http://www.microsoft.com/en-us/download/details.aspx?id=41138

    Unfortunately TechNet isn't coming back, sorry folks :-(

    Tuesday, March 4, 2014 10:46 PM