Google Chrome Warning


A few months ago Google Chrome started displaying a red cross and a warning in the URL bar with older Comodo certificates, using SHA-1 rather than SHA-2. Comodo issued updated certificates which I installed and which fixed the issue.

Yesterday the red cross re-appeared (URL = The message says
“Your connection to is encrypted with obsolete cryptography.
The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and ECDHE_RSA as the key exchange mechanism.”

From looking at

I think the cause is that though the updated certificate now uses SHA-2, the certificate AddTrustExternalCARoot.crt supplied with is still uses SHA-1. Can you confirm this and if so supply a new version of that certificate?


I have this same problem in Chrome. First I thought it was due to using a SHA-1 certificate, so I upgrade to SHA-2 and no luck. I then figured it was because I was using TLS 1.0 instead of 1.2, so I upgraded my application server and java so I am now using 1.2, but I still get the error. I would love to get this sorted out also. is green for me, using Chrome 44 on Ubuntu.

It is, however, “encrypted with obsolete cryptography”. You should enable the following suite(s), and make it/them preferred: