New issue
Advanced search Search tips

Issue 895848 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 867979
Owner: ----
Closed: Oct 16
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Compat



Sign in to add a comment

NET::ERR_CERT_SYMANTEC_LEGACY Unable to log into a website with v70. Works fine on devices with v69

Reported by david.mo...@jpthegreat.org, Oct 16

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.54 Safari/537.36

Example URL:
https://myjourney.advanc-ed.org/login

Steps to reproduce the problem:
1. Go to the site above
2. Login with credentials
3. Site does nothing

What is the expected behavior?
Should log into the site when presented with correct credentials

What went wrong?
The page does nothing.  Tried on two different devices running v70 and got the same result.  Tried on two devices running v69 of ChromeOS and they worked.

Does it occur on multiple sites: N/A

Is it a problem with a plugin? No 

Did this work before? Yes v69

Does this work in other browsers? Yes

Chrome version: 70.0.3538.54  Channel: beta
OS Version: 10.0
Flash Version: 

I have the credentials to reproduce the problem or I can just send you any information, logs, etc. that can help troubleshoot
 
Components: Internals>Network>SSL
Mergedinto: 867979
Status: Duplicate (was: Unconfirmed)
Summary: NET::ERR_CERT_SYMANTEC_LEGACY Unable to log into a website with v70. Works fine on devices with v69 (was: Unable to log into a website with v70. Works fine on devices with v69)
The website is using old symantec certificates. You likely clicked past an interstitial.




So is just that v70 is stricter in working with sites like this (with older
Certs?)
Yes, this is part of the deprecation called out in issue 867979, which contains links to blog posts both with past details as well as steps for site operators to fix.

Other browsers, such as Apple Safari, Mozilla Firefox, and Microsoft Edge, have all announced they will be taking similar steps on approximately the same timeframe, so sites should replace their certificates ASAP (or should have already).

If you are the site operator, you can see the issue it was duped into for more detail. If you're not, you can notify the site operator with these details. The CA responsible for their certificate has made multiple attempts over the past year to contact the site operator's registered email address to help notify them of these changes and prepare them to prevent user disruption.

Sign in to add a comment