Issue metadata
Sign in to add a comment
|
Unable to override SSL ceritificate error after new mac update
Reported by
lakshmin...@gmail.com,
May 14 2018
|
||||||||||||||||||||||||
Issue description
Chrome Version : 66.0.3359.170
OS Version: OS X 10.13.4
URLs (if applicable) :
Other browsers tested:
Add OK or FAIL after other browsers where you have tested this issue:
Safari:
Firefox: OK
IE/Edge:
What steps will reproduce the problem?
1. get localhost.com:<portnum>/app
2.
3.
What is the expected result?
SSL allow exception link
What happens instead of that?
website sent scrambled credentials. No allow exception link
Please provide any additional information below. Attach a screenshot if
possible.
UserAgentString: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36
,
May 15 2018
@Reporter: Please provide a sample test case/ URL to test this issue from TE end. Any further information on reproducing the issue would help in further debugging of this. Thanks!
,
May 15 2018
System crashed. So will take sime time to get to that stage. Let me ask my colleagues
,
May 15 2018
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 15 2018
,
May 15 2018
,
May 15 2018
The certificate for my app has expired. But Chrome when hitting the my app url in my localhost when hit would ask if I still want to continue. This is not happening now. Rather I get only get the warning below. localhost.com normally uses encryption to protect your information. When Google Chrome tried to connect to localhost.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
,
May 15 2018
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 15 2018
What's the signature algorithm on your certificate? I'm fairly certain this is WontFix, as I believe Apple recently moved to treat MD5 as a fatal error, and since the signature verification code goes through there, that fatal error propagates through.
,
May 15 2018
It's also possible you're using a certificate under a domain that is on the HSTS preload list, and set to make errors fatal. Without the full certificate details, we can't be sure.
,
May 16 2018
Yes after updating the certificate expiry date using openssl I am able to see the proceed to localhost.com link. But the question remains as why I was not able to see the proceed to localhost link especially after the latest os upgrade and security upgrade while I didn’t see such issue with Firefox.
,
May 16 2018
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 16 2018
There are a large number of reasons that Firefox and Chrome, two different browsers, would behave differently. They verify certificates using completely different code, and since I mentioned HSTS, can be influenced by what sites you visit. I'm going to mark this as WontFix. It's unlikely that the certificate expiration itself would have affected in things as you describe, but without the old and new certificates, we won't be able to help further diagnose or offer better solutions. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by krajshree@chromium.org
, May 15 2018