9

For the website scirra.com (click for SSL Labs Server Test Results) Google Chrome reports the following icon:

[image: Chrome's address-bar icon for scirra.com]

It's an EV SSL, and it seems to work fine in Firefox and Internet Explorer, but not Chrome. What is the reason for this?

Tom Gullen (edited by Peter Mortensen)
  • Actually, referring to websites isn't good practice; maybe if you would pay its advertising cost to the SE company... – peterh Jan 28 '15 at 16:10
  • @PeterHorvath Wouldn't it be valid to include the domain for a question like this? How could we determine the cause of the problem without investigating the actual certificate? Nevertheless, I did suggest an edit with the domain in plain text and a link to the Qualys SSL Server Test. – Paul Jan 28 '15 at 16:59
  • @Paul This is because I only warned him, and didn't do anything else. And now I even upvote his question because I think it deserves that. Normally, during reviews, if we find an external link, it needs to be examined to see whether it is some "hidden gem" or the like. It is much better if the URL is coming from a known site (imgur, jsfiddle, etc). – peterh Jan 28 '15 at 17:09
  • Note that [Mozilla is going to be phasing out SHA-1 certs as well](https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/). – user Jan 28 '15 at 19:42
  • I would imagine all browsers on the market will be sunsetting SHA-1. Google just took the lead. – taco Feb 05 '15 at 03:45

3 Answers

15

What you see is now is not the "green address bar" you would expect with an EV certificate, but the following:

[image: Chrome padlock with a warning sign]

The reason for that is the following announcement on the Google Online Security blog:

The SHA-1 cryptographic hash algorithm has been known to be considerably weaker than it was designed to be since at least 2005 — 9 years ago. Collision attacks against SHA-1 are too affordable for us to consider it safe for the public web PKI. We can only expect that attacks will get cheaper.

That’s why Chrome will start the process of sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39 in November. ... Sites with end-entity certificates that expire between 1 June 2016 to 31 December 2016 (inclusive), and which include a SHA-1-based signature as part of the certificate chain, will be treated as “secure, but with minor errors”.

The "secure, but with minor errors" state is indicated by the warning sign on the padlock, and the "outdated security settings" in the extended message refers to the fact that the certificate relies on the SHA-1 hash algorithm.

What you need to do is the following:

Generate a new private key with a SHA-256 hash and a new Certificate Signing Request (CSR) and get your SSL provider to re-issue you with a new certificate. With EV certificates a re-issue typically requires more or less the same hoops you had to jump through to get the certificate initially, but you should get a new certificate valid until the same expiry date of the current certificate at no/little additional charge.

In openssl you would use something like the following command line:

openssl req -nodes -sha256 -newkey rsa:2048 -keyout www.scirra.com.sha256.key -out www.scirra.com.sha256.csr
HBruijn
  • I noticed in the [SSL Labs Server Test Results](https://www.ssllabs.com/ssltest/analyze.html?d=scirra.com%2F) that the HTTP server signature is Microsoft-IIS/7.5. I haven't used any of Microsoft's server products, so I wasn't sure if your `openssl` command is an option for this user. – Paul Jan 28 '15 at 16:54
  • You don't *need* to generate a new key. You can just get a new certificate for your current key, as shown in taco's answer. It doesn't matter either way, though, except for burning a few CPU cycles generating prime numbers. – Matt Nordhoff Jan 29 '15 at 05:07
10

This is because of Google's sunset plan for SHA-1.

  • There is no immediate security concern.
  • SHA-2 is the current recommended hashing algorithm for SSL. No breaches with certificates using SHA-1 have been reported.
  • The display of degraded UI indicators on Chrome 39 and later is part of Google’s SHA-1 deprecation plan and will apply to all Certificate Authorities (CAs).
  • The degraded UI will only be visible to users of Chrome 39 and later, not earlier versions. Contact your SSL vendor after having your sysadmin locate your existing private key (on your web server), and they will perform a certificate reissue with SHA-2 for free. You will need a new CSR.

The following will create a new CSR on OS X/Linux if OpenSSL is installed (refer to your existing SSL certificate's fields, as the domain (aka "Common Name") needs to stay the same):

Linux/OSX:

openssl req -new -sha256 -key myexistingprivate.key -out newcsr.csr

For Windows, see this TechNet article.

At this point you may need to contact your vendor for help if you do not see a reissue option in their SSL portal. Comodo's website looks like it details how to do this, if this is not enough information for you.

Once the SHA-2 certificate is installed, this will get rid of the "problem" you see in Chrome.

taco
5

You need a SHA-2 certificate to make it disappear. More info: Gradually sunsetting SHA-1.

rumburak
  • [SSL Labs correctly reports](https://www.ssllabs.com/ssltest/analyze.html?d=unpm.org) my website as still having an SHA1 certificate, yet it does not have the same warnings in Chrome. However, SSL Labs reports that [scirra.com](https://www.ssllabs.com/ssltest/analyze.html?d=scirra.com%2F) has many other issues, including SSL 3, RC4, and no FS. I suspect it is not just that the certificate is signed using SHA1, but also that its expiration date is after the SHA1 sunset (2016). – Paul Jan 28 '15 at 15:43
  • @Paul that is included in the link. `Sites with end-entity certificates that expire on or after 1 January 2017, and which include a SHA-1-based signature as part of the certificate chain, will be treated as “neutral, lacking security”.` – faker Jan 28 '15 at 15:45
  • @faker SE sites frown on answers or questions that rely on information in links. The relevant information should be included. In fact, I would go so far as to state that this answer is technically incorrect, because the user *could* solve the problem by using an SHA1 certificate that expires before 2016. – Paul Jan 28 '15 at 15:46
  • @Paul fair enough, but you said you suspect that this is the reason. I was only clarifying... – faker Jan 28 '15 at 15:51
  • @Paul: The expiration date is embedded in the certificate, so he needs a new cert anyway, so why would he get a new one with a short expiration date and still SHA1? – rumburak Jan 28 '15 at 15:58
  • I don't know how the user could get one, and I'm not advising it, but if the user could get one, then the warning would go away. If the link in your answer gets changed or goes away, then anyone coming upon this question will not understand why the answer is valid. That is my real point. Usually answers like yours get downvoted, but I guess the only thing the community cares about today is just providing the most terse of answers. – Paul Jan 28 '15 at 16:02
  • @Paul: You can always google 'Gradually sunsetting SHA-1', can't you? That is why I left this text there. Anyway, I do not recommend replacing SSL certs with SHA1 for anyone. If you do recommend this, then it seems that our opinions differ on this. – rumburak Jan 28 '15 at 16:29
  • Take a look at how they do things at [Stack Overflow](https://stackoverflow.com/questions/26562057/chrome-latest-beta-update-ssl-certificate-warning). That is a much better answer than yours. – Paul Jan 28 '15 at 16:32