I recently purchased a SSL certificate.
After installation, Chrome indentifies my site pages to be insecure (broken HTTPS).
“SHA-1 Certificate
The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1.”
Details of the certificate show:
Version: V3
Algorithm for signature: sha256RSA
Signature hash-algorithm: sha256
Algorithm for fingerprint: sha1
What should I do to make my pages to be indentified Secure in Chrome?
Are you certain you’re using the latest stable version of Chrome for your OS? My gut suspects you’re encountering a bug with an earlier version of Chrome. I’ve never seen such an error message in Chrome with a SHA-2 based site certificate.
Without the site in question, there’s not much any of us can do besides speculate.
Sal,
Thanks for your reply.
I use the latest Chrome version 55.0.2883.87
Website: www.privesafari.com
I’m using the same version on Windows 7 and unable to replicate.
However, I did a little deeper digging using OpenSSL’s s_client and see a sha-1 cert configured! This indicates you are using a mixture of IP and name based virtual hosting. I suspect that something is not configured correctly on the server end.
Sal,
Thanks for investigating this matter.
I will contact my hosting cy and will let you know the outcome.