New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 637610 link

Starred by 1 user

Issue metadata

Status: Archived
Owner:
Last visit > 30 days ago
Closed: Aug 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug


Participants' hotlists:
HSTS-Preload


Sign in to add a comment

HSTS Preload App: HTTP/2 Support

Project Member Reported by sdy@chromium.org, Aug 14 2016

Issue description

When I try to submit a couple of little websites I run to hstspreload.appspot.com, I get "Error: Invalid Certificate Chain". Both sites have an A+ on SSL Labs’ test.

A quick search on the hstspreload list turned up this email, which suggests that it might be an issue with HTTP/2 sites:

https://groups.google.com/a/chromium.org/d/topic/hstspreload/pvRt_7q4gq8/discussion

My domains are istheinternetdown.com and iambroken.com. I don't care about manually adding them to the list, seems better to figure out why the app doesn't like them.
 
hstspreload_failure.png
368 KB View Download
ssllabs_pass.png
343 KB View Download
This seems to be another bug specific to Google Cloud (the platform the site is running on); the checks pass from my computer.

Would you mind filing an issue directly with the project so we can keep track of it there?
https://github.com/chromium/hstspreload.appspot.com/issues/new

Comment 2 by sdy@chromium.org, Aug 15 2016

Status: Archived (was: Assigned)
Sure thing! I didn’t realize it’s on GitHub:

https://github.com/chromium/hstspreload.appspot.com/issues/57
Maybe I need to make the "On GitHub" banner in the upper right larger? ;-)

In any case, sometimes Chromium is the right place for an HSTS preload bug. I'd rather know of a bug at all rather than require all bugs to start out in the right place. :-)

Comment 4 by sdy@chromium.org, Aug 15 2016

> Maybe I need to make the "On GitHub" banner in the upper right larger? ;-)

Oh, hah! I think I blinded myself to the possibility.
Components: Internals>Network>DomainSecurityPolicy

Sign in to add a comment