Same SSL certificate treated differently on different platforms |
|||||
Issue descriptionChrome version: 71.0.3578.98 OS version: 71.0.3578.98 (ChromeOS), current Linux (Rodete) Case#: 17913836 Description: Same HTTPS website with self-signed certificate shows different error on Linux-based systems (Linux and ChromeOS) and others. On Windows/MacOS it shows NET::ERR_CERT_AUTHORITY_INVALID, which allows to proceed or add to trusted On Linux/ChromeOS it shows NET::ERR_CERT_INVALID, which doesn't give an option to proceed and adding it to trusted won't help. I tried to bisect on Linux, but found the same behavior up to version 55, so I suspect it's not browser version related, but OpenSSL/BoringSSL issue Steps to reproduce: 1. Go to https://35.247.17.70/ 2. Check error message Current Behavior / Reproduction: NET::ERR_CERT_INVALID Expected Behavior: NET::ERR_CERT_AUTHORITY_INVALID Drive link to logs: Certificate file with key I used as example (on https://35.247.17.70/) - https://drive.google.com/open?id=1W8iWjHpu45TYaG1y3A-u1EsaelbSWsrj Req file used to generate - https://drive.google.com/open?id=1fWGOgkYLbOomYZEThhNgceqEk5ZkOuUE What I noticed is that adding Extended Key Usage triggered this error, however we had another report with certificate not having this field, so it might not be the only trigger.
,
Jan 15
,
Jan 15
,
Jan 15
Hotlist-Enterprise is used by Enteprise customer support team to track bugs affecting our enterprise customers.
,
Jan 16
(6 days ago)
re c1# - those types of certificates are used by customers for internal resources, like Cisco Management interface, as in this example. And they are really frustrated when all browsers, including Chrome, are giving them options to proceed, but not Chrome on ChromeOS.
,
Jan 17
(5 days ago)
|
|||||
►
Sign in to add a comment |
|||||
Comment 1 by rsleevi@chromium.org
, Jan 14Labels: -M-72 Needs-Feedback