
Google Chrome 42 vs SSL Certificates


No replies to this topic

#1 Aura


Posted 29 April 2015 - 05:11 PM

Hi everyone,

For those who don't know, starting in version 42, Google Chrome will mark/display as "insecure" websites that have SSL certificates that are signed using SHA-1. This is an effort to move website owners to sign their certificates using a better encryption than SHA-1, which can be seen as deprecated and weak. In order to see what encryption a certificate is using, click on the small "lock" icon on the left of the web URL, and go under the Connection tab. From there, click on See certificate information and go to the Details tab. You'll see right away if the certificate is signed using SHA-1 or another method.

(The screenshots are in French, I know. If someone could provide me English screenshots, I would appreciate it. Or I'll just take them inside a VM)


In order to know which version of Google Chrome you are running, click on the Settings button (the gear icon in the top-right corner), and select About Google Chrome. It'll open a new tab, showing you the version you are currently running.


I would like for the users running Google Chrome 42+ to write down the websites they go on which are marked as insecure by Google Chrome, because they use a SHA-1 signed certificate. I'm doing this to get websites to test for troubleshooting purposes, and also to see what makes it that for one user, he has a SHA-256 certificate, and for another, a SHA-1. So far, at home, the Sublime Text website for me is signed using SHA-1.

https://www.sublimetext.com/

For another user on Malwarebytes forums, he receives a SHA-1 certificate while I receive a SHA-256 one. At work, I receive SHA-1 certificates for both Malwarebytes and VirusTotal. As you can imagine, this is a rather complicated situation, and the more websites I can test, the better it'll be. Plus, maybe other users are currently facing this issue and this thread could help them solve it. Feel free to also post the Certificate Access Path if you can, like below.


You can also add your Google Chrome version, if you're using a proxy or not, maybe even the DNS servers you are using. Any kind of information that can help.

Thank you.

Edited by Aura., 29 April 2015 - 05:20 PM.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.
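
The manual check described in the post (reading the signature algorithm from the certificate's Details tab) can also be scripted. This is an added example, not part of the original post: it reads the `signatureAlgorithm` OID from a DER-encoded certificate and flags SHA-1. All function names are this example's own, and `constructed_skeleton` builds a constructed test structure, not a real certificate.

```python
import ssl

# Signature-algorithm OIDs that use SHA-1: sha1WithRSAEncryption, ecdsa-with-SHA1.
SHA1_SIG_OIDS = {"1.2.840.113549.1.1.5", "1.2.840.10045.4.1"}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    """Decode DER OID content bytes into dotted notation."""
    first = min(body[0] // 40, 2)
    arcs, val = [first, body[0] - 40 * first], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends this arc
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_oid(der):
    """OID from Certificate.signatureAlgorithm, the field after tbsCertificate."""
    outer_tag, start, _ = read_tlv(der, 0)         # outer Certificate SEQUENCE
    _, _, tbs_end = read_tlv(der, start)           # skip tbsCertificate
    _, alg_start, _ = read_tlv(der, tbs_end)       # AlgorithmIdentifier SEQUENCE
    oid_tag, oid_start, oid_end = read_tlv(der, alg_start)
    if (outer_tag, oid_tag) != (0x30, 0x06):
        raise ValueError("not a DER certificate")
    return decode_oid(der[oid_start:oid_end])

def is_sha1_signed(der):
    return signature_oid(der) in SHA1_SIG_OIDS

def fetch_der(host, port=443):
    """Fetch the leaf certificate a server presents to this machine (needs network)."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))

def constructed_skeleton(oid_content):
    """Constructed sample: only the outer three-field layout, not a valid certificate."""
    tbs = b"\x30\x81\xc8" + bytes(200)             # placeholder tbsCertificate
    alg = b"\x30\x0d\x06\x09" + oid_content + b"\x05\x00"
    body = tbs + alg + b"\x03\x03\x00\xaa\xbb"     # dummy signature BIT STRING
    return b"\x30\x81" + bytes([len(body)]) + body
```

Calling `is_sha1_signed(fetch_der(host))` from two different networks shows whether each one is served a leaf certificate with the same signature algorithm.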

