Issue 811128 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	rsleevi@chromium.org
Closed:	Feb 2018
Components:	Internals>Network>Certificate
EstimatedDays:	----
NextAction:	----
OS:	Linux , Windows , Mac
Pri:	1
Type:	Bug-Regression
hasbisect-per-revision Via-Wizard-NetworkDownloading M-66 Triaged-ET FoundIn-66 RegressedIn-66 Target-66 Needs-Triage-M66

Problem accessing some sites

Reported by regis.ca...@gmail.com, Feb 11 2018

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3343.3 Safari/537.36

Example URL:
https://ingdirectvie.ingdirect.fr/

Steps to reproduce the problem:
1. Try to load the URL

What is the expected behavior?
URL loaded and website is usable

What went wrong?
I get some security warning I cannot bypass, error is NET::ERR_CERT_AUTHORITY_INVALID. 
If you look at https://www.ssllabs.com/ssltest/analyze.html?d=ingdirectvie.ingdirect.fr, you can see that the certificate is OK (as far as I can tell)

Did this work before? Yes not sure

Chrome version: 66.0.3343.3  Channel: dev
OS Version: Ubuntu 17.10 (up to date)
Flash Version: 

I think there's something wrong in recent dev build. 
I also saw this issue with https://www.credit.fr/ if that help.

Side notes:
 - correct behavior is observed under Android (64.0.3282.137)
 - site loads fine (with a green security indicator) when loaded with Firefox.

(will provide network details logs)

Comment 1 by regis.ca...@gmail.com, Feb 11 2018

network details logs

chrome-net-export-log.json
121 KB View Download

Comment 2 by krajshree@chromium.org, Feb 12 2018

Labels: Needs-Bisect Needs-Triage-M66

Comment 3 by krajshree@chromium.org, Feb 12 2018

Labels: -Pri-2 -Needs-Bisect hasbisect-per-revision RegressedIn-66 M-66 FoundIn-66 Target-66 Triaged-ET OS-Mac OS-Windows Pri-1
Owner: rsleevi@chromium.org
Status: Assigned (was: Unconfirmed)

Able to reproduce the issue on Windows 10, mac 10.12.6 and Ubuntu 14.04 using chrome reported version #66.0.3343.3.

Bisect Information:
=====================
Good build: 66.0.3334.0
Bad Build : 66.0.3335.0

Change Log URL: 
https://chromium.googlesource.com/chromium/src/+log/e93a97278842441acc34611ec2ccc0b50c13fb6b..c646e48f1ff851d8eb8e2ae713a031684b46db27

From the above change log suspecting below change
Change-Id: I6c2c8b59f1ad016914ab8f1eaeb4f35bb367df3d
Reviewed-on: https://chromium-review.googlesource.com/883728

rsleevi@ - Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks...!!

Comment 4 by rsleevi@chromium.org, Feb 12 2018

Components: -Internals>Network Internals>Network>Certificate
Status: WontFix (was: Assigned)

This certificate is distrusted as part of https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html

This site is in the process of rolling out a replacement certificate - https://crt.sh/?id=324641878

If you look at the SSLLabs site, it does include a warning: "This server's certificate will be distrusted by Google and Mozilla from March 2018.   MORE INFO »". Unfortunately, SSLLabs has set the warning date as March (when Chrome Beta is released), rather than earlier, such as Dev and Canary, as documented here - https://blog.qualys.com/ssllabs/2017/09/26/google-and-mozilla-deprecating-existing-symantec-certificates

Comment 5 by regis.ca...@gmail.com, Feb 12 2018

rsleevi@ Thanks for the explanations, I wasn't aware of this. Regards :)

►

Issue 811128 link

Issue metadata

Problem accessing some sites

Issue description

Comment 1 by regis.ca...@gmail.com, Feb 11 2018

Comment 1 Deleted

Comment 2 by krajshree@chromium.org, Feb 12 2018

Comment 2 Deleted

Comment 3 by krajshree@chromium.org, Feb 12 2018

Comment 3 Deleted

Comment 4 by rsleevi@chromium.org, Feb 12 2018

Comment 4 Deleted

Comment 5 by regis.ca...@gmail.com, Feb 12 2018

Comment 5 Deleted

Sign in to add a comment