Last updated on 28 Sept 2023, 10:32:42.
Category:
All about SSL certificates
SSL Google Chrome SHA-1 SHA-2 SHA-256
The yellow warning triangle you may see when visiting a webpage that's secured with SSL, is an indication that Google Chrome found insecure content on that page, either because the page contains both HTTPS and HTTP content, or because the browser detected that the website is using an obsolete encryption mechanism, such as SHA-1.
A possible cause is that it's your own browser who's the culprit. Have a look at the following issues:
Google's got a lot more to say about SSL errors on its Google Chrome SSL help page.
Qualys SSL Labs's browser SSL test page offers you instant insights in the security failings of your browser.
Are you the owner of the website?
You may get to see the warning message because your SSL certificate makes use of legacy encryption technology that's no longer viewed as safe. Google has decided to sunset SSL certificates signed with an insecure SHA-1 hash gradually by introducing browser warnings.
The most common cause for this warning, however, is that your site may be serving content both over an encrypted channel (through https://) and over a non-encrypted channel (through http://). Most often, this happens when including external images, javascripts or css. Check the hyperlinks in your document and replace them with https:// or protocol-relative links (links starting with "//").
For a full audit of your web server and your certificate's security, visit Qualys SSL Labs' test page at the following URL: https://www.ssllabs.com/ssltest/. The analysis will show eventual shortcomings in your web server's configuration, such as negotiating obsolete SSL protocol versions, and whether your encryption makes use of modern, safe algorithms.
If you fail to get a passing grade, or if you're really keen on that A+, try the following:
As a Kinamo customer, all you have to do if you want an SHA-256 certificate is to contact us and we'll res-issue your certificate for free. You'll find more relevant information about SHA-256 on the « SHA-1, SHA-2 en SHA-256 algorithms » page.
Never fear if you aren't a Kinamo customer yet. Most Certificate Authorities will gladly offer to add the remaining validity of your certificate to a new one, in some cases even adding 30 days for free. Have a look at our SSL certificates pages or contact Kinamo for advice on how to proceed.
Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!