Issue metadata
Sign in to add a comment
|
Invalid SSL warnings in browser
Reported by
mark.p.m...@gmail.com,
Jun 17 2016
|
||||||||||||||||||||||||
Issue description
<b>Chrome Version : <Copy from: 'about:version'></b>
URLs (if applicable) :
Other browsers tested:
Add OK or FAIL, along with the version, after other browsers where you
have tested this issue:
Safari: OK
Firefox: OK
IE: OK
What steps will reproduce the problem?
(1) go to https://www.purehockey.com (Chrome - view green browser lock)
(2) go to https://www.puregoalie.com (Chrome - view red browser lock)
(3) go to https://www.comlax.com (Chrome - view red browser lock)
What is the expected result?
All three sites have valid SSL certs through Network Solutions and Rackspace. Qualys SSL Labs gives all three sites a score of A-. These are all legitimate certs, despite using SHA-1. This is a conversion killer.
https://www.ssllabs.com/ssltest/analyze.html?d=www.comlax.com (red)
https://www.ssllabs.com/ssltest/analyze.html?d=www.puregoalie.com (red)
https://www.ssllabs.com/ssltest/analyze.html?d=www.purehockey.com (green)
What happens instead?
Only Pure Goalie and ComLax show a red, unsecure lock on Chrome browsers. I cannot reproduce the issues on my computer (cache?) but many visitors, including employees in our office can.
Please provide any additional information below. Attach a screenshot if
possible.
http://seals.networksolutions.com/siteseal_seek/siteseal?v_shortname=NETEV&v_querytype=W&v_search=puregoalie.com&x=5&y=5
http://seals.networksolutions.com/siteseal_seek/siteseal?v_shortname=NETEV&v_querytype=W&v_search=comlax.com&x=5&y=5
,
Jun 20 2016
I see a green lock for purehockey.com, and an EV cert for the other two sites. I assume this is working-as-intended. Can you collect a net-internals log on one of the machines that shows the red lock? The log should be collected while they browse to the site that shows the problem. http://dev.chromium.org/for-testers/providing-network-details
,
Jun 20 2016
Hey Paul - thanks for the quick reply. I had my web admin, who experiences the red lock issues, fetch these files for you. Let me know if there's anything else we need to provide you.
,
Jun 20 2016
Hi Paul, I updated the ticket with two JSON files. Thanks, Mark
,
Jun 20 2016
Ryan, can you take a look?
,
Jun 20 2016
The warnings are correct. On this system, deprecating SHA-1 would cause issues. Merging into Issue 473105 about being more aggressive in trying to force Windows to fix it, although it will primarily benefit Windows 8+.
,
Jun 20 2016
Can I follow that ticket? Also attached is a file from Pure Hockey. The certs were generated from the same as Pure Goalie and ComLax (Network Solutions and Rackspace). If there's a difference between the 2, or 3, is there something I can tell these guys that may render a different result? |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by mark.p.m...@gmail.com
, Jun 17 2016