Issue metadata
Sign in to add a comment
|
DNF revoked certificate not recognized as such
Reported by
simonk...@gmail.com,
Aug 10
|
||||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/68.0.3440.75 Chrome/68.0.3440.75 Safari/537.36 Steps to reproduce the problem: 1. Open Url https://revoked-demo.pca.dfn.de/ What is the expected behavior? There should be warning that the certificate is (no longer) valid as it has been revoked. What went wrong? There is no warning and a green lock is shown indicating that the certificate is valid instead of the expected: Your connection is not private Attackers might be trying to steal your information from attacker.example.com (for example, passwords, messages, or credit cards). Learn more NET::ERR_CERT_AUTHORITY_INVALID Did this work before? N/A Chrome version: 68.0.3440.75 Channel: stable OS Version: Ubuntu 18.04 Flash Version: Firefox 61.0.1 works as expected. The translation for the German page content is: This web server uses uses a certificate that was revoked for demonstration purposes. It is therefore invalid. Consequently, if you can read this web page without a warning in your browser your browser failed to check the validity of the certificate. The DFN ("German Research Network") provides internet infrastructure for German universities and research institutes and it signs their certificates.
,
Aug 12
,
Aug 13
,
Aug 13
,
Aug 13
Thanks for the report, looks like this certificate is only marked as revoked through OCSP online checks, those are disabled by default in Chrome (More context behind this decision: https://dev.chromium.org/Home/chromium-security/security-faq#TOC-What-s-the-story-with-certificate-revocation- and the UX bug linked there), so this is working as intended. Setting the EnableOnlineRevocationChecks policy (https://chromium.org/administrators/policy-list-3#EnableOnlineRevocationChecks) to true causes this site to fail, similarly disabling OCSP checks in Firefox causes it to show there.
,
Nov 20
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by jialiul@chromium.org
, Aug 10Components: UI>Browser>Interstitials
Labels: OS-Mac OS-Windows