Chrome Security Certificate Warnings

S

savory

Thinks s/he gets paid by the post
Joined
Jul 3, 2011
Messages
1,292
Hi,

I had a couple of sites WHILE USING CHROME (not on other browsers) where I received a security certificate warning. Yodlee was the most troubling.

For those who do not know, the security certificate indicates if the site is encrypted. On Chrome, you see it as a picture of a green lock (encrypted), lock with a yellow caution sign (you may have protection but not wise to use) and/or a big red X (suggesting the site is not protected at all).

Google has recently issued this warning to sites indicating that Chrome will be upgrading its security certificate. If the site does not accept this or has been slow to change, Chrome will show it as not being safe to enter i.e. not properly encrypted. The yellow caution sign is the first warning. Here is the link from Google indicating the sunsetting of certain certificates. Google Online Security Blog: Gradually sunsetting SHA-1

My question is for those using Google Chrome, have you begun to notice sites that are no longer "safe". I attached a picture of the lock with the yellow caution sign that appears in the address bar so you will know exactly what it looks like. The other indicator is a big red X, with a red line through the letters https also in the address bar .

Are you seeing sites with these warnings in Chrome? Thanks

Thanks
 

Attachments

  • Yodle certificate.JPG
    Yodle certificate.JPG
    10.1 KB · Views: 114
Last edited:
Yes, I have had them for many months on my Google Chrome machine. I have noticed upon entry into the secure site the padlock rids itself of the yellow changes to the correct security lock though. So I haven't worried about it. But then again, I am no security expert.


Sent from my iPad using Tapatalk
 
davef said:
Hi,

I had a couple of sites WHILE USING CHROME (not on other browsers) where I received a security certificate warning. Yodlee was the most troubling.

For those who do not know, the security certificate indicates if the site is encrypted. On Chrome, you see it as a picture of a green lock (encrypted), lock with a yellow caution sign (you may have protection but not wise to use) and/or a big red X (suggesting the site is not protected at all).

Google has recently issued this warning to sites indicating that Chrome will be upgrading its security certificate. If the site does not accept this or has been slow to change, Chrome will show it as not being safe to enter i.e. not properly encrypted. The yellow caution sign is the first warning. Here is the link from Google indicating the sunsetting of certain certificates. Google Online Security Blog: Gradually sunsetting SHA-1

My question is for those using Google Chrome, have you begun to notice sites that are no longer "safe". I attached a picture of the lock with the yellow caution sign that appears in the address bar so you will know exactly what it looks like. The other indicator is a big red X, with a red line through the letters https also in the address bar .

Are you seeing sites with these warnings in Chrome? Thanks

Thanks
Click to expand...

UPDATE: Yodlee Labs is now working properly. While Yodlee simply said they fixed the problem, the security certificate was updated. It took about a week between the time of the first contact (trying to learn whose problem it was) and ultimately Yodlee realizing the problem was on their end (as I analyzed it).

Yodlee is the company providing background support/security to many financial websites, including banks. If Yodlee could miss this change on their website (likely a very small and insignificant part of their effort but....), then anyone of our financial institutions can. Consequently, I am looking at the security certificates and based upon the Google Chrome letter, I am giving my financial institutions a heads-up. I figure at minimum it serves as a good reminder. In the case that generated this note, it actually resulted in a significant change.
 
I just received this message from Hewitt "As an update, I am told the Deferral Select web certificate was updated over the weekend." I went to the site and it is now up to date.
 
You must log in or register to reply here.

Similar threads

Janet H
Chrome Update - Security Patch ASAP
Replies
3
Views
650
MichaelB
MichaelB
M
Name for Social Security
Replies
17
Views
958
REWahoo
REWahoo
K
Lost phone, recovered from perp
2
Replies
49
Views
3K
Gremlin
Gremlin
2017ish
Driving and Hiking Patagonia, Emphasizing the Carretera Austral.
Replies
11
Views
921
klebs01
K
easysurfer
How To Restore The Green Lock on Firefox
Replies
0
Views
713
easysurfer
easysurfer

Latest posts

Back
Top Bottom