Welcome to Centmin Mod Community
Become a Member

SSL Chrome Security Indicator Road Map

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, May 18, 2018.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Google Chrome folks have released an article outlining the road map for Chrome security indicators for the next 6 months Chromium Blog: Evolving Chrome's security indicators. So if your site hasn't switched to HTTPS by default, start planning :)


     
  2. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    For Centmin Mod Nginx users, there's generally 3 ways of setting up HTTPS SSL certificate for Centmin Mod Nginx HTTP/2 based HTTPS

    Method 1. The traditional way via centmin.sh menu option 2, 22 and selecting yes to self-signed ssl certificates first. Then converting the self-signed ssl certificate to paid or free (Letsencrypt) web browser trusted SSL certificates outlined at How to switch self-signed SSL certificate to paid SSL certificate ? You would still need to follow the same steps outlined at Nginx SPDY SSL Configuration for obtaining and purchasing the paid SSL certificate and most important part is the concatenation of the SSL provider provided filesto create the mentioned /usr/local/nginx/conf/ssl/domaincom/ssl-unified.crt and /usr/local/nginx/conf/ssl/domaincom/ssl-trusted.crtfiles referenced in your Nginx SSL vhost config file.

    You may need to also decide if you want to enable HTTP to HTTPS redirect outlined at How to force redirect from HTTP:// to HTTPS:// ?

    If you didn't answer yes at time of initial nginx vhost creation to self-signed ssl certificates, you can manually setup the self-signed ssl certificate via the vhost generator by checking self-signed ssl box and enter a domain name. This will outline instructions for manually creating and setting up self-signed ssl certificate and nginx vhost settings. Then for web browser trusted ssl certificates you switch follow - How to switch self-signed SSL certificate to paid SSL certificate ?.

    Method 2. Using and testing Centmin Mod 123.09beta01's new addons/acmetool.sh addon which is still in beta testing only for integrating Letsencrypt SSL certificates. And has both auto and manual methods.

    Method 3. Fully manual method for free Letsencrypt SSL certificates.
    Note:
    • For wordpress auto installer, you actually need a read method 2 to enable LETSENCRYPT_DETECT='y' then run centmin.sh menu option 22 which will detect letsencrypt support and display the additional letsencrypt prompts required to issue free letsencrypt ssl certificates for wordpress auto installer
     
  3. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Why HTTPS Matters  |  Web Fundamentals  |  Google Developers

     
  4. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  5. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    And so it has begun

    upload_2018-6-2_1-8-13.png
     
  6. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  7. Revenge

    Revenge Active Member

    411
    86
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +304
    Local Time:
    4:04 PM
    1.9.x
    10.1.x
    I use Chrome Beta, and i already see that.
    No more http or https on the address bar. Just secure or not secure.
     
    • Agree Agree x 1
  8. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yup Chrome Canary shows

    upload_2018-6-30_15-15-37.png
     
  9. rdan

    rdan Premium Member Premium Member

    4,308
    1,044
    113
    May 25, 2014
    Ratings:
    +1,504
    Local Time:
    11:04 PM
    Mainline
    10.2
    Chrome Canary Version 69.0.3477.0 (Official Build) canary (64-bit)
    upload_2018-6-30_15-21-54.png
     
  10. Revenge

    Revenge Active Member

    411
    86
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +304
    Local Time:
    4:04 PM
    1.9.x
    10.1.x
    Mine doesn't appear the https, just "secure", or "seguro" in Portuguese.

    [​IMG]
     
  11. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    same version and still shows https:// part for me
     
  12. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    less than 3 weeks to go Google Chrome update to label HTTP-only sites insecure within WEEKS

    For Centmin Mod users getting free letsencrypt SSL certificates for HTTPS is easy if you're using Centmin Mod 123.09beta01 or newer branches.
     
  13. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    One more week to Chrome 68 and new security indicators ! Everyone ready ? :D
     
    • Agree Agree x 1
  14. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Just switched my Wordpress7 demo blog over to HTTPS default now (previously worked on non-HTTPS/HTTPS) :)
     
  15. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  16. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Chrome 68 has landed

    non-HTTPS Not Secure indicator

    upload_2018-7-25_10-40-10.png
     
    • Like Like x 1
  17. Revenge

    Revenge Active Member

    411
    86
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +304
    Local Time:
    4:04 PM
    1.9.x
    10.1.x
    I don't have that home button in Chrome Beta version 68.

    [​IMG]

    But that button appears on my Chrome Beta for Android.
     
  18. eva2000

    eva2000 Administrator Staff Member

    36,387
    7,992
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,304
    Local Time:
    1:04 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    yeah seems a bit inconsistent right now. That screenshot i did above was from Win 10 Chrome 68
     
..