New issue
Advanced search Search tips

Issue 868378 link

Starred by 3 users
Status: Duplicate
Merged: issue 867979
Owner: ----
Closed: Jul 28
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 3
Type: Bug



Sign in to add a comment

Unable to login into www.paypal.com due to hard NET::ERR_CERT_SYMANTEC_LEGACY and HSTS on M70 canary

Project Member Reported by mef@chromium.org, Jul 27 
This is probably WAI and should be fixed by paypal, but it is bad user experience anyway.

Chrome Version: 70.0.3504.0
OS: Mac OS X
What steps will reproduce the problem?
(1) Visit www.paypal.com
(2) Get NET::ERR_CERT_SYMANTEC_LEGACY and not allowing bypass due to HSTS.

What is the expected result?
Some way to proceed to www.paypal.com.

What happens instead?
Getting error:
Attackers might be trying to steal your information from www.paypal.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_SYMANTEC_LEGACY

You cannot visit www.paypal.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.


Subject: www.paypal.com

Issuer: Symantec Class 3 EV SSL CA - G3

Expires on: Oct 30, 2019

Current date: Jul 27, 2018

PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIHZDCCBkygAwIBAgIQV8t+FeLj4kTYKwFjKUbr8DANBgkqhkiG9w0BAQsFADB3
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVj
IENsYXNzIDMgRVYgU1NMIENBIC0gRzMwHhcNMTcwOTIyMDAwMDAwWhcNMTkxMDMw
MjM1OTU5WjCCAQkxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIB
AgwIRGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYD
VQQFEwczMDE0MjY3MQswCQYDVQQGEwJVUzETMBEGA1UEEQwKOTUxMzEtMjAyMTET
MBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2UxFjAUBgNVBAkM
DTIyMTEgTiAxc3QgU3QxFTATBgNVBAoMDFBheVBhbCwgSW5jLjEUMBIGA1UECwwL
Q0ROIFN1cHBvcnQxFzAVBgNVBAMMDnd3dy5wYXlwYWwuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/eYS06q8i/Gd6smdmAuq1C9R/+LfLdKdQ2B
90biawOf5Af/wKzlFXwLgarQMoiwWE7rwRPMJ90aJ0Do+BY5mk1V1Q1HfNFY20GO
QQ4+8jsFeF2LvyhxQRHJFNvl4qqAhNDopyyqwgbI3NMYNUKgR9W1uldmwwEfwTpY
6DmU9V5Qc362hEUn/FJM7x4yMBMM9ZPluaigHAWpabekBye5bjCZOm8z1/8krgIS
CPhVPzDsol+TNIurBeaN1ZO+k3g+l6hm3Kklm/AYGvqugJnGD+Jnqiao7ej/RY9F
DsjDKFESphceJ8hhccc0QNDJuklym71XzerVhmNRHUgUcL7U1QIDAQABo4IDVjCC
A1IwfAYDVR0RBHUwc4ISaGlzdG9yeS5wYXlwYWwuY29tggx0LnBheXBhbC5jb22C
DGMucGF5cGFsLmNvbYINYzYucGF5cGFsLmNvbYIUZGV2ZWxvcGVyLnBheXBhbC5j
b22CDHAucGF5cGFsLmNvbYIOd3d3LnBheXBhbC5jb20wCQYDVR0TBAIwADAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMG8GA1Ud
IARoMGYwWwYLYIZIAYb4RQEHFwYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5
bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y
cGEwBwYFZ4EMAQEwHwYDVR0jBBgwFoAUAVmr5906C1mmZGPWzyAHV9WR52owKwYD
VR0fBCQwIjAgoB6gHIYaaHR0cDovL3NyLnN5bWNiLmNvbS9zci5jcmwwVwYIKwYB
BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc3Iuc3ltY2QuY29tMCYGCCsG
AQUFBzAChhpodHRwOi8vc3Iuc3ltY2IuY29tL3NyLmNydDCCAX4GCisGAQQB1nkC
BAIEggFuBIIBagFoAHUA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswA
AAFeq4VXsQAABAMARjBEAiAH40DnKjw47PT7fbyZI7rWOQ17h0zwi6yIdhaYre2s
NAIgXqRa9r3Q8k13MTFllMEsLRYtTIrzqixjOiaUj1wEMrQAdwCkuQmQtBhYFIe7
E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAV6rhVfsAAAEAwBIMEYCIQDkVDC3InUu
az/pZV1Ziw6fRJ2MBbH7EddZmDw16lLqngIhAL0HbHhbgf9FboxomUFyweU2cYEA
hR0qxP2efYXA1Y9qAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csA
AAFeq4VZsAAABAMARzBFAiEA1YzTEeYIqsyYNfztSfA0i+JoDWZljx1Wen7HNRnR
twoCIGqWIuxjY3nlXieYGd5P/GkKImSXcJJnnHz0ANHfwmHmMA0GCSqGSIb3DQEB
CwUAA4IBAQCIdXzujG+e49q5QFN47VcRTOQ/EUrD2oCX9PiOD46xc2eD3j6eLIVr
ArVzSCZNQ9cEvcd9xNwDuAs1fDksQiSz3BV49lRw/OCb9Z8wCLAvS/GhSZYIdlyu
3D6VDRqJDNoyrSpL12NQjAzjCOxveFVnBWhlIjnjfjbZkNI9BjbH3u701t3aw/us
Q/4vHGSb4t3AiYtSmI0O9gkt5E1inBYilvtoW5SHh84YfkFgeaQXPnHysaIG2HHY
Mwtq1GdoJD66xiGUXWr2IYRf0P+s5D2qrZWF/EtpMHK3uk3aOu3ZfUAdAim41QwJ
ng10i/piAkqIbnwTVrqZPxN4SIKsQ45h
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIQfuFKb2/v8tN/P61lTTratDANBgkqhkiG9w0BAQsFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw
CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs
YXNzIDMgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYoWV0I+grZOIy1zM3PY71NBZI3U9/hxz4RCMTjvsR2ERaGHGOYBYmkpv9
FwvhcXBC/r/6HMCqo6e1cej/GIP23xAKE2LIPZyn3i4/DNkd5y77Ks7Imn+Hv9hM
BBUyydHMlXGgTihPhNk1++OGb5RT5nKKY2cuvmn2926OnGAE6yn6xEdC0niY4+wL
pZLct5q9gGQrOHw4CVtm9i2VeoayNC6FnpAOX7ddpFFyRnATv2fytqdNFB5suVPu
IxpOjUhVQ0GxiXVqQCjFfd3SbtICGS97JJRL6/EaqZvjI5rq+jOrCiy39GAI3Z8c
zd0tAWaAr7MvKR0juIrhoXAHDDQPAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj
MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw
BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov
L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z
eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi
LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx
GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMzMB0GA1UdDgQWBBQBWavn3ToLWaZk
Y9bPIAdX1ZHnajAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq
hkiG9w0BAQsFAAOCAQEAQgFVe9AWGl1Y6LubqE3X89frE5SG1n8hC0e8V5uSXU8F
nzikEHzPg74GQ0aNCLxq1xCm+quvL2GoY/Jl339MiBKIT7Np2f8nwAqXkY9W+4nE
qLuSLRtzsMarNvSWbCAI7woeZiRFT2cAQMgHVHQzO6atuyOfZu2iRHA0+w7qAf3P
eHTfp61Vt19N9tY/4IbOJMdCqRMURDVLtt/JYKwMf9mTIUvunORJApjTYHtcvNUw
LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j
2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----

Comment 1 by rsleevi@chromium.org, Jul 28

Mergedinto: 867979
Status: Duplicate (was: Untriaged)

Comment 2 by awhalley@google.com, Jul 28 

Thanks mef@, I pinged Paypal on twitter.

Comment 3 by awhalley@chromium.org, Aug 3 

Paypal have confirmed they are aware of the issue and are working to replace their certs.

Sign in to add a comment