Welcome to Centmin Mod Community
Register Now

Featured Chrome browser 39+ sunsetting SHA-1 SSL signatures

Discussion in 'All Internet & Web Performance News' started by eva2000, Sep 7, 2014.

  1. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
  2. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  3. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    try

    Code:
    » EssentialSSL / Free Certificate
    » Root: AddTrustExternalCARoot.crt
    » Intermediate 1: UTNAddTrustSGCCA.crt
    » Intermediate 2: ComodoUTNSGCCA.crt
    » Intermediate 3: EssentialSSLCA_2.crt
    » End-Entity/Domain Certificate
    cat root intermediate3 > ssl-trusted.crt

    should be root > intermediate 3 > intermediate 2 > intermediate 1 > ssl-trusted.crt
     
    Last edited: Sep 11, 2014
  4. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
  5. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what do you mean change the name of the EssentialSSLCA_2.crt file ?
     
  6. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
  7. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    so there's now 2 instead of 3 intermediate files ?

    Code:
    » Intermediate 1: UTNAddTrustSGCCA.crt
    » Intermediate 2: ComodoUTNSGCCA.crt
    those 2 aren't the same now ?
     
  8. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
    No, those are not what were given to me in the zip file after the reissue.
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    ah i see.. but you still got 3 intermediate files for Essential ?
     
  10. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
  11. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  12. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  13. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    8:42 AM
  14. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    According to this comment at List any complications with common CAs in getting SHA-2 certs · Issue #24 · konklone/shaaaaaaaaaaaaa · GitHub RapidSSL will start using SHA2 for intermediates from October 1, 2014

    But looks like it has come before October 1 - RapidSSL intermediate with SHA2 are now available
     
  15. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    9:42 PM
    Mainline
    10.2
    Using the new Intermediate of RapidSSL :(
    Bad score.
     
  16. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    might double check concatenated order and make sure you're using the right chain certificates
     
  17. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    9:42 PM
    Mainline
    10.2
  18. eva2000

    eva2000 Administrator Staff Member

    53,247
    12,117
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,655
    Local Time:
    11:42 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    from post 35 above
     
  19. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    9:42 PM
    Mainline
    10.2
    Sorry but don't understand it fully, Do you have the link for Intermediate and Root cert that is already SHA2?