New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
See here: https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
TL;DR: Use a different, more trustable certificate provider. Let's Encrypt provides automated free certificates.
@joepie91 - I know about that, but that affects new certs only - this is an old cert and has been working up until today. Possibly I may be hitting a local firewall or security device, but then I don't understand why my other browsers would still work.
Possibly I may be hitting a local firewall or security device, but then I don't understand why my other browsers would still work.
Yup chrome completely block wosign ssl, few of my domain affected by this. My cert created 1 year before ban.
One by one my Startcom certificates are not being trusted in chrome either.
The block isn't at the OS level, windows still marks the certificate as valid. Chrome made the decision of blocking old certificates. They made an announcement on how they were going to do it, if I wasn't on mobile I would link it.
Other companies also said they weren't going to trust them, Apple and firefox made statements but not sure if they are going to block old certs as well.
One of my old cert still working fine
As far as i have read you are wrong, they decided to completely block all of the certs just to do it in waves and not all at once
Read the article I linked carefully:
The acceptance of old certificates was a grace period, intended for you to use to move away to a different certificate provider.
They started distrusting Wosign in Chrome v57. Already moved to Let's Encrypt.
Edit: They distrusts all certificates issued before/after Oct 2016.
Thanks guys - guess i'm updating my certs then I understood it to be all NEW certs would be penalized and all old certs would remain valid.