Skip to main content

Performance Issue: Chrome and Services with SHA1 Certificates

Last Updated:
2017-02-07 09:49:37
Event:
2017-02-02 18:59:00
Status:
Closed
Brief Description:
An update for Chrome browsers is causing some IT@Cornell service websites using SHA1 security certificates to be blocked because that type of certificate isn't trusted any longer by Chrome. Internet Explorer for Windows and Safari for Mac will work.
User Impact:
Warning screen suggesting the site might be unsafe.
Workaround:
Use Internet Explorer for Windows and Safari for Mac.
Current Status:
Service owners are in the process of updating the certificates associated with their service websites. A message will also be sent to remind them to do so.
Services Affected:
Desktop Software Bundles
Subsites Affected:
Net-Print
Full Description:
A recent update for Chrome browsers is causing websites using SHA1 security certificates to be blocked because that type of certificate is not trusted any longer by Chrome. Some IT@Cornell services are among these websites. When visiting one of these sites while using Chrome, a message may be displayed saying "Your connection is not private. Attackers may be trying to steal your information…"

Internet Explorer for Windows and Safari for Mac do allow browsing to these sites, and may be used while service owners update the certificates associated with their service websites.



Timeline of Changes

Description Current Status Date Time
A recent update for Chrome browsers is causing websites using SHA1 security certificates to be blocked because that type of certificate is not trusted any longer by Chrome. Some IT@Cornell services are among these websites. When visiting one of these sites while using Chrome, a message may be displayed saying "Your connection is not private. Attackers may be trying to steal your information…" Internet Explorer for Windows and Safari for Mac do allow browsing to these sites, and may be used while service owners update the certificates associated with their service websites. Service owners are in the process of updating the certificates associated with their service websites. A message will also be sent to remind them to do so. 2017-02-02 19:10:38