New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Why cidero is banned?
He's banned?
Yea, after I posted, he's unbanned
Seems they have issued me english cert and its not showing green light on chrome. Any clues?
you can actually choose if you want english or chinese.
It's at the step where it ask if you want sha1 or sha2.
Same here .. nothing in my mailbox.
EFF ???
I selected English.. tried various combination and cant see the green light on chrome
I revoked the english one re-issued a chinese one and put the encrypted domain.csr at the top of my bundled.csr and it gave a green. However firefox and chrome on android gave me untrusted warning on the android phone. Chrome reports green.
Interesting firefox is fine in my case, its the chrome thats troubling ..
If you choose SHA1 firefox will show fine and chrome not. For SHA2 It is the other way round. I opted for the SHA2 encryption.
I have SHA2 algo and is fine in firefox, but not in Chrome.. am I missing anything?
Edit: checked on IE and is fine on IE as well. Also, chrome on android is fine
Nope, SHA2 certs should work fine everywhere. Check my test site with one https://romanrm.hk/
The only notable exception that is problematic is new Chrome (39) on old Windows (with disabled updates).
There it will show a yellow warning lock icon in the address bar (but still load the site).
Also just tested in standard browser on Android 4.1.1, works fine.
Exactly, I am using Chrome 40 and I dont see any yellow lock, but neither do I see a green lock. Just neutral.
Seems, it has something to do with this:
https://support.servertastic.com/deprecation-of-sha1-and-moving-to-sha2/
In short, problem is with "SHA1-based signature as part of the certificate chain"
For your info ...
I also have a a yellow warning lock for https://romanrm.hk/ on Chrome 39.0.2171.99 in Windows 8.1.
Yellow on Chrome for Linux too
Well, considering Wosign said they can't issue SHA2 for the moment. It's normal to get yellow.
@rm_ I don't see yellow on mine. But different devices, browsers end up seeing it with Wosign certificates. I think for now there is no perfect solution for it.
Green on Google Chrome Version 39.0.2171.99 (64-bit) / Fedora 21
Turk detected
Huh!
So what if I am? (:
To be honest, I don't even know at this point, just one thing I'm certain about, is that Google are assholes with their yellow lock icons. Some configs seem to show it even though they shouldn't. Will keep using StartSSL certs on my primary sites for now, and hope that WoSign updates their cross-signed certs soon.
I gave up.. will continue with StartSSL.
I keep getting "Submit request contains invalid data
Back Home" Error at the last step. Can't figure out what the problem is.
Dont use chrome, use firefox instead
No, it works with Chrome as well though I don't remember which error that was.
It says: "正在提交..." or "Being submitted..." when I try to register my account?
I'm not able to register an account.
Ok, a friend registered for me, but when entering the domain names it says: "Please enter the corresponding number of domain names".
Maybe I'm just to dumb to understand it lol.
@Joery This is a multi-domain cert, at the first step of ordering you selected how many domains you want on it. So now you need to enter exactly this number of domains there, one per line.
Awesome news: They finally got their SHA2 intermediate cert cross-signed by StartCom! The zip-file of new certificates will include the SHA2 intermediate, but there is no need to re-apply for the same certificate, just use your old certificate with the new cross-signed intermediate (the last one in the chain, this fixes the OCSP errors as well):
English: your-domain.com.crt -> ca1_dv_free_2.crt -> ca1_xs_sc_2.crt
Chinese: your-domain.com.crt -> -> ca2_dv_free_2.crt -> ca2_xs_sc_2.crt
The other great news is that they now have an English website at https://buy.wosign.com/free/ with the whole process on one single page. No need for registering an account first. On the new page my issues with "Submit request contains invalid data" are fixed as well.
I'm gonna be dumb here... what makes these different to the free SSL certificates offered by StartCom's StartSSL?