Give incorrect SSL error code in iOS version and refuses advanced "proceed" option
Reported by
ba...@therightprofile.com,
Mar 2 2016
Issue description

Steps to reproduce the problem:
1. Go to https://app.therightprofile.com/start.php
2. On desktop Chrome (current version), no SSL error
3. On iOS Safari, no SSL error
4. On an earlier Chrome iOS version (e.g. 47 and earlier), no SSL error
5. On Chrome iOS version 48.0.2564, we get an SSL error:

What is the expected behavior?
If on desktop Chrome or older versions, no error. If on latest iOS version get SSL error and also cannot proceed.

What went wrong?
When on latest iOS Chrome hitting the above page, an error pops up: Your connection is not private. Under advanced details: An unknown error has occurred. When you attempt to use the Proceed to ..... (unsafe) option it does NOT proceed, and instead just repeats the error.

Did this work before? Yes. On previous versions of iOS Chrome, e.g. 47 and before.

Chrome version: 48.0.2564.116 Channel: stable
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 20.0 r0
Mar 7 2016
We checked the iOS device and it was using the automatic time. Attached are the screenshots from a device with this problem. It is happening on multiple devices.
Mar 7 2016
Thanks for the screenshots. Now I am experiencing the same SSL error on my iPhone too. +lgarron@, any insight about this bug? The interesting part is this error is only shown by Chrome on iOS.
Mar 7 2016
Interestingly, I get to the page (green lock icon) on my iPad but not my iPhone. Since the error is NET::ERR_UNEXPECTED [1], this sounds like a low-level unrecoverable error, so it makes sense that you'll run into the same error after clicking through. I'll take a look at the PEM encoded chain from the phone.
[1] https://code.google.com/p/chromium/codesearch#chromium/src/net/base/net_error_list.h&sq=package:chromium&type=cs&l=51&q=%22NET_ERROR(UNEXPECTED%22
Mar 7 2016
Yes, same here. iPad is OK, iPhone shows error. lgarron@, thanks for taking a look at this one!
Mar 7 2016
Starting from M48, Chrome for iOS uses the SecTrust API to check whether a certificate is valid. This is the same API used by Safari, and Safari also flags the certificate as invalid. Chrome, however, does not allow the user to proceed with this bad SSL cert, which will be fixed in M49.
Mar 7 2016
The app is missing the intermediate certificate ("Go Daddy Secure Certificate Authority - G2"): https://www.ssllabs.com/ssltest/analyze.html?d=app.therightprofile.com
You should make sure to send it with every request.
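The missing-intermediate condition described in the comment above can be reproduced offline. This is an added example, not part of the original thread or of Chromium's code: it builds a constructed three-certificate chain with made-up names and runs `openssl verify` with the root as the only trust anchor, once with the leaf alone and once with the intermediate supplied the way a correctly configured server would send it.

```bash
#!/usr/bin/env bash
# Constructed three-tier PKI: root CA -> intermediate CA -> leaf.
# All subject names are made up; nothing here contacts a real server.

build_chain() {  # build_chain DIR: writes root.pem, int.pem, leaf.pem to DIR
  (
    cd "$1" || exit 1
    # Minimal config so the result does not depend on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name = dn' '[dn]' \
      '[ca]' 'basicConstraints = critical,CA:TRUE' \
      '[leaf]' 'basicConstraints = CA:FALSE' > pki.cnf
    for name in root int leaf; do
      openssl req -new -newkey rsa:2048 -nodes -config pki.cnf \
        -subj "/CN=constructed-$name.example" \
        -keyout "$name.key" -out "$name.csr" 2>/dev/null || exit 1
    done
    # Root signs itself, root signs the intermediate, intermediate signs the leaf.
    openssl x509 -req -in root.csr -signkey root.key -days 2 \
      -extfile pki.cnf -extensions ca -out root.pem 2>/dev/null || exit 1
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -days 2 -extfile pki.cnf -extensions ca -out int.pem 2>/dev/null || exit 1
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
      -days 2 -extfile pki.cnf -extensions leaf -out leaf.pem 2>/dev/null || exit 1
  )
}

# chain_verifies ROOT LEAF [INTERMEDIATE]
# ROOT is the only trust anchor. INTERMEDIATE, when given, stands for what the
# server sent alongside its leaf: usable for path building, never trusted itself.
chain_verifies() {
  if [ -n "$3" ]; then
    openssl verify -CAfile "$1" -untrusted "$3" "$2" 2>&1 | grep -q ': OK$'
  else
    openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'
  fi
}

work=$(mktemp -d) && build_chain "$work"
chain_verifies "$work/root.pem" "$work/leaf.pem" \
  && echo "leaf only: verified" || echo "leaf only: FAILED, issuer not found"
chain_verifies "$work/root.pem" "$work/leaf.pem" "$work/int.pem" \
  && echo "leaf + intermediate: verified" || echo "leaf + intermediate: FAILED"
rm -rf "$work"
```

A client that only trusts the root cannot build a path from the leaf on its own, which is why the server has to include the intermediate in its handshake.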
Mar 8 2016
To clarify, not having an intermediate certificate is the kind of situation that means that iOS cannot connect and fails permanently to proceed, but the browser doesn't even throw an error and that combination is okay?
Mar 8 2016
I would think handling the error gracefully would be something to fix too?
Mar 8 2016
>> I would think handling the error gracefully would be something to fix too?
This will be a recoverable error in Chrome version 49, exactly the same behavior as in Safari.
Comment 1 by jialiul@chromium.org, Mar 3 2016
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Status: WontFix (was: Unconfirmed)