Author Topic: Google Chrome Warning  (Read 2858 times)

Offline okohll

  • Newbie
  • *
  • Posts: 1
Google Chrome Warning
« on: June 26, 2015, 10:52:09 AM »
Hi,

A few months ago Google Chrome started displaying a red cross and a warning in the URL bar with older Comodo certificates, using SHA-1 rather than SHA-2. Comodo issued updated certificates which I installed and which fixed the issue.

Yesterday the red cross re-appeared (URL = appserver.gtportalbase.com). The message says
"Your connection to appserver.gtportalbase.com is encrypted with obsolete cryptography.
[...]
The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and ECDHE_RSA as the key exchange mechanism."

From looking at

https://www.ssllabs.com/ssltest/analyze.html?d=appserver.gtportalbase.com&hideResults=on

I think the cause is that though the updated certificate now uses SHA-2, the certificate AddTrustExternalCARoot.crt supplied with is still uses SHA-1. Can you confirm this and if so supply a new version of that certificate?

Regards
Oliver

Offline cold_SSLither

  • Newbie
  • *
  • Posts: 3
Re: Google Chrome Warning
« Reply #1 on: June 30, 2015, 11:50:42 AM »
I have this same problem in Chrome.  First I thought it was due to using a SHA-1 certificate, so I upgrade to SHA-2 and no luck.  I then figured it was because I was using TLS 1.0 instead of 1.2, so I upgraded my application server and java so I am now using 1.2, but I still get the error.  I would love to get this sorted out also.

Offline JoWa

  • Humanist
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6741
  • I believe in doubt.
    • Evolutionary history of life
Re: Google Chrome Warning
« Reply #2 on: June 30, 2015, 03:11:30 PM »
https://appserver.gtportalbase.com/ is green for me, using Chrome 44 on Ubuntu.

It is, however, “encrypted with obsolete cryptography”. You should enable the following suite(s), and make it/them preferred:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Ubuntu | Firefox | HTTPS Only Mode | Privacy Badger
Forum Policy | Comodo Product Help

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek