I got a very simple website without any link or something else. I created a self-signed certificate. (link to create self-signed certificate). After this I added it to my site in the IIS (link to add the self-signed certificate to IIS site). My Problem is now that my site is still not secure (local). Chrome, Firefox and IE are not accept my certificate. When I look if my certificate is valid: It's valid.
Can Anyone tell me why it's still not secure and how to fix it?
Self signed certificates are not trusted by default. You need to get the certificate from a trusted CA so that the users web browser trusts it. One recent example of a CA that issues free trusted certificates is Let's Encrypt.
I can see that you are using WordPress for your blog. Let's try a plugin really simple SSL. If you have any certificate install on your site it will detect and convert your pages in https. LetsEncrypt.org also is a way to obtain CA certificate.
You must need to install SSL certificate October 2017 onwards as per Google.
If you need further help read my blog to know that why we need SSL October onwards.
Hopefully, your issue will be resolved by a plugin.
Thank you
Related
So I chose to use Cloudflare's shared SSL certificate with CDN, now the website I sign up for has this certificate shown in the browser:
The "issued to" domain is not my domain, this caused a problem:
The https post API of my program thinks my website does not have a valid certificate
However, when I open up my site with Chrome browser, the secured icon shows up:
It seems that the browser thinks the Cloudflare shared certificate is OK,
while the "issued to" domain is clearly not my domain
So the question is:
Why does the browser trust the shared SSL certificate with "issued to" not matching my domain, while the WebRequest from a C# program does not trust?
Turns out there is a "Subject Alternate Names" field in the certificate details, which allows browsers to trust certificate with non "issued to" domain, big thanks to #SLaks.
The reason why it didn't work on my C# api access is that Unity does not support ECDH(Elliptic-curve Diffie–Hellman) for HTTPS, and Cloudflare only supports ECDH.
So, the HTTPS api to my server through Cloudflare is working for Chrome, but not working for Unity. I searched around and found it does not work for some versions of Monodevelop lineup and Xiamarin as well.
Bug
How resolve this problem in google chrome for my site:
The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1.
in Internet Explorer functions normally.
You resolve the problem by getting a new certificate that uses SHA2. The SHA1 algorithm has been proven to have collisions, which means someone could make up a fake certificate and impersonate your site.
Chrome on purpose warns and does not accept those certificates anymore.
Typically, if you revoke and re-issue a certificate with your CA, you will get credit for the remaining time of your existing certificate.
The problem is not with Chrome, but with your certificate being considered 'unsafe' and Chrome taking a hard stance to make sure things are actually secure.
I'm using Fiddler2 on Windows to inspect and analyze HTTPS traffic. To make it less cumbersome, I've installed and trusted the Fiddler2 Root certificate. The Fiddler root certificate makes the browsing experience seamless; all the HTTPS sites are still "secured" (ie: the url is still https, and you still see a certificate lock).
But this becomes problematic when I forget to turn off Fiddler, and find myself browsing sites that I want to remain secured, only to find Fiddler still logging my traffic/content.
Is there a Chrome extension that I can install/use that would visible show when the HTTPS connection is secured by a certificate signed by a specific root?
Unfortunately, it doesn't look like such information is available in the chrome.webRequest API, which you would need to get it in a Chrome Extension.
There was previously a request to Provide information about the TLS connections to extensions via the webRequest API, but it was decided not to be implemented.
HI i'm accessing http://videobrochurecanada.ca/ on macs and it is prompting an ssl certificate error and then not running the stylesheet. Works fine on PCs Chrome.
Can someone help fix this?
The SSL certificate that is returned when accessing videobrochurecanada.ca has the wrong name. It's actually issued to newserver.dolcemag.com.
See the SSL Labs report (Archived here.)
I have created my own CA and signed a certificate for use on an internal HTTPS website. I have imported the CA Certificate into both the Trusted Root Certificate Authorities and the Intermediate Certificate Authorities on the IIS machine and the site certificate is bound to the site on port 4433.
This works fine on IE9 and Firefox (i.e. the site is trusted) but I still get an HTTPS with a red score through it in Chrome (version 23.0.1271.91) saying that the site is not trusted.
Everything I have come across thus far says add the CA to Trusted.... But this seems to be of no avail in Chrome.
Any Ideas?
I believe this is a server/IIS issue.
Try to restart the server and check your SSL expiration date....
Check this page it might help you