Issue 673791 link

Starred by 2 users

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Jan 2017
Components:	Internals>Network>Certificate
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug
Needs-Feedback Via-Wizard-Security

NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM

Reported by petr.duc...@gmail.com, Dec 13 2016

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2587.3 Safari/537.36

Steps to reproduce the problem:
1. visit mail.google.com

What is the expected behavior?
view content from mail.google.com

What went wrong?
Your connection is not private

Attackers might be trying to steal your information from chromiumbugs.appspot.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM

Did this work before? N/A 

Chrome version: 56.0.2924.21  Channel: beta
OS Version: 
Flash Version: Shockwave Flash 20.0 r0

Comment 1 by elawrence@chromium.org, Dec 13 2016

Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Needs-Feedback Type-Bug

This seems likely to be the same as Issue 588789.

If you click the "NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM" text, debugging text will appear containing the certificate. If you copy/paste that text into a reply, we can confirm if it's the right certificate and thus a duplicate of that other issue.

Comment 2 by jkarlin@chromium.org, Dec 13 2016

Components: Internals>Network>Certificate
Status: Untriaged (was: Unconfirmed)

Comment 3 by rsleevi@chromium.org, Dec 13 2016

re: Comment #1: There shouldn't be an error interstitial for any of the known cases of Issue 588789, which is what this issue describes.

Attaching a chrome://net-internals log, as described at https://dev.chromium.org/for-testers/providing-network-details (note: on the little arrow on the top right, please choose "Flush sockets" first before repro'ing the issue) would help rule out any issues.

Also, please include relevant OS details - is this a Linux issue? If so, it's unlikely to be Issue 588789

Comment 4 by petr.duc...@gmail.com, Dec 14 2016

Os Version: Linux velkej 3.2.0-4-amd64 #1 SMP Debian 3.2.54-2 x86_64 GNU/Linux

Subject: mail.google.com
Issuer: Google Internet Authority G2
Expires on: Feb 23, 2017
Current date: Dec 14, 2016
PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIID1jCCAr6gAwIBAgIIEphy/1vbijkwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTYxMjAxMTQyMjEzWhcNMTcwMjIzMTQxNzAw
WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFp
bC5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEayReCKLrJXMl
z3eaWDmNl8WNoV82QM2acg8wVgR0SPw5LQ3w6LvTo7UkJ2j30fzTuv5kfEdKgBYY
5b7BMuFZyqOCAWswggFnMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAs
BgNVHREEJTAjgg9tYWlsLmdvb2dsZS5jb22CEGluYm94Lmdvb2dsZS5jb20wCwYD
VR0PBAQDAgeAMGgGCCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3Br
aS5nb29nbGUuY29tL0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVu
dHMxLmdvb2dsZS5jb20vb2NzcDAdBgNVHQ4EFgQU9RP6mijtnsk+KRPNda6g7Xi7
h64wDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqB
LzAhBgNVHSAEGjAYMAwGCisGAQQB1nkCBQEwCAYGZ4EMAQICMDAGA1UdHwQpMCcw
JaAjoCGGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcN
AQELBQADggEBAI+xgiF97Tct0YaCzaMf/7zEA4n+l/ASLIjQIdqSHdcgbV2Z64zP
8zskkM573ViS/HyxlG0BGBQ+5zuSIIcDn3Pbo/SmFUuOWhuBE1HWPA4a0UTVX/5U
NktT4MH/NF3uziEPvv4R8ezyDlkNNjQHp3Pk5XdppKGJHpcArAb+dt5WzEDQxvDd
dCJu/vy2x7MqfX6gKFH75YYAxrbyAJxk2mHCtoupkZB7wlWrpvYMJGwHVJcNpF+q
MOSKhihY3JgqK1EkmQgaaiI0tg4+a8oZK4MMsrOUptI1+qrKLUJ2TZSorhgFpV+q
+bSQ61sENZ6WL4KzrMwQl1ES04PZVfbo0oA=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIDAjqSMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTUwNDAxMDAwMDAwWhcNMTcxMjMxMjM1OTU5WjBJMQswCQYDVQQG
EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB5zCB5DAfBgNVHSMEGDAWgBTAephojYn7
qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wDgYD
VR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDov
L2cuc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwNQYDVR0fBC4wLDAqoCig
JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMBcGA1UdIAQQ
MA4wDAYKKwYBBAHWeQIFATANBgkqhkiG9w0BAQsFAAOCAQEACE4Ep4B/EBZDXgKt
10KA9LCO0q6z6xF9kIQYfeeQFftJf6iZBZG7esnWPDcYCZq2x5IgBzUzCeQoY3IN
tOAynIeYxBt2iWfBUFiwE6oTGhsypb7qEZVMSGNJ6ZldIDfM/ippURaVS6neSYLA
EHD0LPPsvCQk0E6spdleHm2SwaesSDWB+eXknGVpzYekQVA/LlelkVESWA6MCaGs
eqQSpSfzmhCXfVUDBvdmWF9fZOGrXW2lOUh1mEwpWjqN0yvKnFUEv/TmFNWArCbt
F4mmk2xcpMy48GaOZON9muIAs0nH5Aqq3VuDx3CQRk6+0NtZlmwu9RY23nHMAcIS
wSHGFg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw
WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE
AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m
OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu
T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c
JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR
Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz
PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm
aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM
TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g
LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO
BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv
dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB
AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL
NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W
b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
-----END CERTIFICATE-----

net-internals-log.json
840 KB View Download

Comment 5 by elawrence@chromium.org, Dec 14 2016

Certificates 3 and 4 in the list above are SHA-1 certs marked as Revoked on Windows.

Comment 6 by rsleevi@chromium.org, Dec 15 2016

Which version of Debian are you running? And have you applied security updates in the past 3 years?

Comment 7 by rsleevi@chromium.org, Dec 20 2016

Ping. Without additional details, this issue may be closed as WontFix.

Comment 8 by svaldez@chromium.org, Jan 9 2017

Status: WontFix (was: Untriaged)

Closing as WontFix, feel free to re-open with the requested details.

Comment 9 by elawrence@chromium.org, May 9 2017

It appears that there's another report of this here: https://productforums.google.com/d/msg/chrome/vXwSJnkOlUM/zykiT4CxAgAJ

►

Issue 673791 link

Issue metadata

NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM

Issue description

Comment 1 by elawrence@chromium.org, Dec 13 2016

Comment 1 Deleted

Comment 2 by jkarlin@chromium.org, Dec 13 2016

Comment 2 Deleted

Comment 3 by rsleevi@chromium.org, Dec 13 2016

Comment 3 Deleted

Comment 4 by petr.duc...@gmail.com, Dec 14 2016

Comment 4 Deleted

Comment 5 by elawrence@chromium.org, Dec 14 2016

Comment 5 Deleted

Comment 6 by rsleevi@chromium.org, Dec 15 2016

Comment 6 Deleted

Comment 7 by rsleevi@chromium.org, Dec 20 2016

Comment 7 Deleted

Comment 8 by svaldez@chromium.org, Jan 9 2017

Comment 8 Deleted

Comment 9 by elawrence@chromium.org, May 9 2017

Comment 9 Deleted

Sign in to add a comment