New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 819625 link

Starred by 1 user
Status: WontFix
Owner:
rsleevi@chromium.org
Closed: Mar 2018
Cc:
sindhu.chelamcherla@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 2
Type: Bug-Regression



Sign in to add a comment

Privacy error shown for non-expired SSL certificates

Reported by emily.me...@journeygroup.com, Mar 7 2018 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3364.0 Safari/537.36

Steps to reproduce the problem:
1. Download a clean copy of Canary.
2. Navigate to a site such as https://mycloud.rackspace.com/?_ga=2.81163219.557259504.1520433145-223519555.1520433145

What is the expected behavior?
Domain resolves and user sees the appropriate page.

What went wrong?
Canary says that the site is not secure (showing "Your connection is not private"). When I click on the "Not secure" warning in the address bar, it says that the certificate is invalid [Screenshot1]. When I click on the certificate though, it shows a valid certificate that has not expired [Screenshot2], and no similar errors are shown in Chrome (non-Canary) or other browsers for the same site.

Did this work before? Yes Sometime late January 2018

Chrome version: 67.0.3364.0  Channel: canary
OS Version: OS X 10.13.3
Flash Version: 

This isn't happening for all SSL sites, and it looks like the certificates where it is happening aren't all from the same providers (Screenshot3 shows an example of the certificate for another site with the same error).

This only started happening, to the most of my knowledge, around the beginning of February (2018).
Screenshot1.png
47.3 KB View Download
Screenshot2.png
50.0 KB View Download
Screenshot3.png
41.3 KB View Download

Comment 1 by susan.boorgula@chromium.org, Mar 7 2018

Components: Internals>Network>SSL
Labels: Needs-Bisect Needs-Triage-M67

Comment 2 by sindhu.chelamcherla@chromium.org, Mar 8 2018

Cc: sindhu.chelamcherla@chromium.org
Components: Internals>Network>Certificate
Labels: -Needs-Bisect hasbisect-per-revision ReleaseBlock-Stable Triaged-ET M-66 FoundIn-66 Target-66 RegressedIn-66 OS-Linux OS-Windows
Owner: rsleevi@chromium.org
Status: Assigned (was: Unconfirmed)
Able to reproduce this issue on reported version 67.0.3364.0 and on latest dev 66.0.3355.0 using Windows10, Mac 10.13.3 and Ubuntu 14.04 withs steps mentioned in comment#0. Hence providing bisect info.

Good Build: 66.0.3334.0
Bad Build: 66.0.3335.0

You are probably looking for a change made after 532238 (known good), but no later than 532239 (first known bad).
CHANGELOG URL:
 https://chromium.googlesource.com/chromium/src/+log/e93a97278842441acc34611ec2ccc0b50c13fb6b..c646e48f1ff851d8eb8e2ae713a031684b46db27

Reviewed-on: https://chromium-review.googlesource.com/883728

Suspecting same from changelog.

@ rsleevi: Please confirm the bug and help in re-assigning if it is not related to your change. Adding RB-Stable as this is a recent regression. Please remove if not the case.

Thanks!

Comment 3 by rsleevi@chromium.org, Mar 8 2018

Components: -Internals>Network>SSL
Status: WontFix (was: Assigned)
Yes, this is part of https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html

Sign in to add a comment