Join the community today
Register Now

Featured Chrome browser 39+ sunsetting SHA-1 SSL signatures

Discussion in 'All Internet & Web Performance News' started by eva2000, Sep 7, 2014.

  1. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
  2. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
  3. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    try

    Code:
    » EssentialSSL / Free Certificate
    » Root: AddTrustExternalCARoot.crt
    » Intermediate 1: UTNAddTrustSGCCA.crt
    » Intermediate 2: ComodoUTNSGCCA.crt
    » Intermediate 3: EssentialSSLCA_2.crt
    » End-Entity/Domain Certificate
    cat root intermediate3 > ssl-trusted.crt

    should be root > intermediate 3 > intermediate 2 > intermediate 1 > ssl-trusted.crt
     
    Last edited: Sep 11, 2014
  4. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
    • Like Like x 1
  5. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    what do you mean change the name of the EssentialSSLCA_2.crt file ?
     
  6. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
  7. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    so there's now 2 instead of 3 intermediate files ?

    Code:
    » Intermediate 1: UTNAddTrustSGCCA.crt
    » Intermediate 2: ComodoUTNSGCCA.crt
    those 2 aren't the same now ?
     
  8. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
    No, those are not what were given to me in the zip file after the reissue.
     
  9. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    ah i see.. but you still got 3 intermediate files for Essential ?
     
  10. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
    • Like Like x 1
  11. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
  12. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
  13. BamaStangGuy

    BamaStangGuy Premium Member Premium Member

    648
    187
    43
    May 25, 2014
    Ratings:
    +262
    Local Time:
    3:59 AM
    • Like Like x 1
  14. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    According to this comment at List any complications with common CAs in getting SHA-2 certs · Issue #24 · konklone/shaaaaaaaaaaaaa · GitHub RapidSSL will start using SHA2 for intermediates from October 1, 2014

    But looks like it has come before October 1 - RapidSSL intermediate with SHA2 are now available
     
    • Like Like x 1
  15. rdan

    rdan Well-Known Member

    4,877
    1,162
    113
    May 25, 2014
    Ratings:
    +1,744
    Local Time:
    4:59 PM
    Mainline
    10.2
    Using the new Intermediate of RapidSSL :(
    Bad score.
     
  16. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    might double check concatenated order and make sure you're using the right chain certificates
     
  17. rdan

    rdan Well-Known Member

    4,877
    1,162
    113
    May 25, 2014
    Ratings:
    +1,744
    Local Time:
    4:59 PM
    Mainline
    10.2
  18. eva2000

    eva2000 Administrator Staff Member

    43,524
    9,875
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,250
    Local Time:
    6:59 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    from post 35 above
     
  19. rdan

    rdan Well-Known Member

    4,877
    1,162
    113
    May 25, 2014
    Ratings:
    +1,744
    Local Time:
    4:59 PM
    Mainline
    10.2
    Sorry but don't understand it fully, Do you have the link for Intermediate and Root cert that is already SHA2?