Ridesteady
Jetboaters Captain
- Messages
- 343
- Reaction score
- 532
- Points
- 207
- Location
- Austin, Texas
- Boat Make
- Yamaha
- Year
- 2006
- Boat Model
- SX
- Boat Length
- 21
Hey @Bruce @Julian ,
I just wanted to let you know that I (accidentally) upgraded to Google Chrome 57 (if you use Chrome and go to Help -> About Google Chrome, it will automatically update).
When I did that, jetboaters.net and a few other sites I visited kept throwing "Privacy Errors". Upon further investigation, it seems that certs signed by two authorities are being phased out (see information below).
Just wanted to give you a heads up before Chrome 57 is rolled out to everyone.
HTH!
-Justin
PS. We use ClickSSL for our certs. Dirt cheap, with a GeoTrust root.
The error is because those websites are still using old no-longer trusted security certificate issued by StartCom. For more details see:
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html - Distrusting WoSign and StartComCertificates
Google has determined that two CAs, WoSign and StartCom, have not maintained the high standards expected of CAs and will no longer be trusted by Google Chrome, in accordance with our Root Certificate Policy. This view is similar to the recent announcements by the root certificate programs of both Apple and Mozilla.
Beginning with Chrome 56, certificates issued by WoSign and StartCom after October 21, 2016 00:00:00 UTC will not be trusted. Certificates issued before this date may continue to be trusted, for a time, if they comply with the Certificate Transparency in Chrome policy or are issued to a limited set of domains known to be customers of WoSign and StartCom.
In subsequent Chrome releases, eg. Chrome 57 and later, these exceptions will be reduced and ultimately removed, culminating in the full distrust of these CAs. This staged approach is solely to ensure sites have the opportunity to transition to other Certificate Authorities that are still trusted in Google Chrome, thus minimizing disruption to users of these sites. Sites that find themselves on this whitelist will be able to request early removal once they’ve transitioned to new certificates. Any attempt by WoSign or StartCom to circumvent these controls will result in immediate and complete removal of trust.
Google remains committed to ensuring the safety and privacy of Google Chrome users. We appreciate the impact to users visiting sites with affected certificates and to the operators who run these sites, but the nature of these incidents, and the need to protect our users, prevent us from being able to take less disruptive steps.
You can help by contacting the affected website owner/administrators, and tell them to get new security certs from other trusted CAs.
I just wanted to let you know that I (accidentally) upgraded to Google Chrome 57 (if you use Chrome and go to Help -> About Google Chrome, it will automatically update).
When I did that, jetboaters.net and a few other sites I visited kept throwing "Privacy Errors". Upon further investigation, it seems that certs signed by two authorities are being phased out (see information below).
Just wanted to give you a heads up before Chrome 57 is rolled out to everyone.
HTH!
-Justin
PS. We use ClickSSL for our certs. Dirt cheap, with a GeoTrust root.
The error is because those websites are still using old no-longer trusted security certificate issued by StartCom. For more details see:
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html - Distrusting WoSign and StartComCertificates
Google has determined that two CAs, WoSign and StartCom, have not maintained the high standards expected of CAs and will no longer be trusted by Google Chrome, in accordance with our Root Certificate Policy. This view is similar to the recent announcements by the root certificate programs of both Apple and Mozilla.
Beginning with Chrome 56, certificates issued by WoSign and StartCom after October 21, 2016 00:00:00 UTC will not be trusted. Certificates issued before this date may continue to be trusted, for a time, if they comply with the Certificate Transparency in Chrome policy or are issued to a limited set of domains known to be customers of WoSign and StartCom.
In subsequent Chrome releases, eg. Chrome 57 and later, these exceptions will be reduced and ultimately removed, culminating in the full distrust of these CAs. This staged approach is solely to ensure sites have the opportunity to transition to other Certificate Authorities that are still trusted in Google Chrome, thus minimizing disruption to users of these sites. Sites that find themselves on this whitelist will be able to request early removal once they’ve transitioned to new certificates. Any attempt by WoSign or StartCom to circumvent these controls will result in immediate and complete removal of trust.
Google remains committed to ensuring the safety and privacy of Google Chrome users. We appreciate the impact to users visiting sites with affected certificates and to the operators who run these sites, but the nature of these incidents, and the need to protect our users, prevent us from being able to take less disruptive steps.
You can help by contacting the affected website owner/administrators, and tell them to get new security certs from other trusted CAs.
