SSL Certificates in Google Chrome

Google's new web browser, Chrome, has sparked a lot of discussion and interest in many of its new features. Though still in beta, it handles many things much better than all other current browsers. But how does it handle SSL certificates? Does it give the appropriate error messages and user interface notifications? That is what we are going to investigate.

First off, of course, it supports normal SSL certificates without any problem. It just displays a yellow background in the address bar, a lock icon on the right, and makes the https in the address bar green:

 Normal SSL Certificate in Google Chrome

Support for EV SSL certificates seems a little buggy in the current version. It is supposed to display the name of the validated company in green on the right side of the address bar like this:

 EV SSL Certificate in Google Chrome

The company name seems to display sometimes and not display at other times. This is a bug that will most likely be fixed by the next release of Googe Chrome.

SSL Error Messages in Google Chrome

How does Google Chrome handle SSL error messages? Very well. First let's look at a domain mismatch error. This occurs when the name on the SSL certificate doesn't match the name that the site is being accessed with in the browser. This is what Google Chrome displays in this case:

 Domain Mismatch error in Google Chrome

This is a great solution because it makes it very clear that something is wrong but it informs the user of exactly what the problem is and lets them easily proceed if they decide to. This is in contrast to the way Firefox makes you add an exception for each site.

The next error message is an untrusted certificate error (including self-signed certificates or incorrectly installed certificates from certificate authorities). This is the message that displays:

 Untrusted certificate error in Google Chrome

Again, it is very clear and allows you to easily proceed to the page anyway or go "back to safety".

Finally, what does Google Chrome do when some of the content on a page is not loaded from a secure source? It displays a warning icon in the right of the address bar and, when clicked, shows that the identity is verified but that parts of the page are not encrypted.

 Unauthenticated content error in Google Chrome

Also, client certificates don't seem to be supported yet. Overall, Google Chrome is on the right track in making sure that SSL errors are correctly identified and communicated to users.

Compare SSL Certificates

Digg del.icio.us Reddit

Posted on September 07, 2008
Showing comments 1 to 20 of 21 | Next | Last
Vinay Raghu
Posts: 18
Comment
Date and Time settings
Reply #21 on : Sun May 12, 2013, 02:08:05
It was the date and time. Thanks! I reset it and everything was working fine!
BA
Posts: 18
Comment
Secure/encrypted email
Reply #20 on : Sun August 26, 2012, 11:31:21
How do I send a digitally signed email that is secure and can be encrypted? I have already tried StartCom and Comodo, and neither supports Google Chrome email.

BTW - At least I can read the security code. NICE! :o}
null
Posts: 18
Comment
Thank you
Reply #19 on : Sun March 04, 2012, 18:33:00
Wow! A big thanks to you buddy!. It helps me.. Thanks a lot. :)
Fran
Posts: 18
Comment
I cant believe it
Reply #18 on : Thu March 01, 2012, 04:51:43
I cant believe that i waited for zanga games to fix my problem with the game not loading properly. But all it was, was the date had to be changed. OMG how simple was that.

thanks guys and girls
Ecka
Posts: 18
Comment
Re: SSL Certificates in Google Chrome
Reply #17 on : Thu December 29, 2011, 11:06:35
Can't believe that changing date sort my security problem lol
Thanks
mart
Posts: 18
Comment
Re: SSL Certificates in Google Chrome
Reply #16 on : Sat December 17, 2011, 20:20:04
thanx, i have encountered this mssge many times. now i know! adjust the date and time...
rom
Posts: 18
Comment
ssl error
Reply #15 on : Tue December 06, 2011, 02:43:57
thank you for posting some helpful things i adjust the time of my PC
Jonathan
Posts: 18
Comment
Re: SSL Certificates in Google Chrome
Reply #14 on : Wed November 09, 2011, 21:56:32
I had adjusted the date on my computer to take advantage of an trial offer on a software and that was causing the problem. Thank bilal for the suggestion.
kaushal
Posts: 18
Comment
ty
Reply #13 on : Sat June 18, 2011, 12:08:26
thanxx I just adjusted the date & time..and nw it is running properly
bilal
Posts: 18
Comment
another solution
Reply #12 on : Fri June 03, 2011, 06:33:16
just adjust the date and time!!!!!!!!!!!!!
Jivan jyoti maity
Posts: 18
Comment
Helpful
Reply #11 on : Wed February 16, 2011, 02:47:10
Thanx for this helpful article
franc
Posts: 18
Comment
and still no solution
Reply #10 on : Mon November 15, 2010, 09:25:29
Yes, good old Firefox allows me to add an exception. But chrome still doesn't, which is very annoying.
And there is no extension to solve this problem of chrome.
I know the site very well, it's mine, but every time i have to do this ugly procedure of pretending security.
Frances Fraser
Posts: 18
Comment
Re: SSL Certificates in Google Chrome
Reply #9 on : Tue June 30, 2009, 05:03:40
I much prefer google chrome but will have to use Internet Explorer( which keeps crashing on me) at the income tax site because of problems related to encryption and SSL signing as discussed above. The site does not support Google Chrome.
Robert
Posts: 3
Comment
re: chrome's lack of exceptions is a pain in the A**
Reply #8 on : Tue March 24, 2009, 18:25:40
That's true, doc. It would be nice to have it remember whether you've trusted a certificate before. Of course, for ecommerce sites that doesn't help because customers will be scared away before adding it as an exception. The solution for ecommerce sites is to redirect traffic to www (or vice versa) or get a certificate with both names in it (a SAN/UC certificate)
doc
Posts: 18
Comment
chrome's lack of exceptions is a pain in the A**
Reply #7 on : Tue March 24, 2009, 16:14:36
i have an internal host path to a webserver that i access with a cert that doesn't match the webserver's cert. this is *normal* for people who do web work. it's also *normal* for a non ecommerce site, like an open source site, to have a cert for "www" but not for every sub domain. by not allowing exceptions, they make it VERY hard to work with chrome... which made me, just today, put firefox BACK as my default browser
lojze.kamnik@gmail.com
Posts: 18
Comment
program ne najde certifikata
Reply #6 on : Thu December 18, 2008, 11:55:57
Na brskalniku Google Crhrome bi želel koristiti tudi storitev "abanet"; dostop do ban?nih storitev Abanke katere komintent sem. Za to storitev banke imam registriran certificat "sigenca".
Program Google Chrome pa me ne spusti na program, ker ne najde certifikata, ?eprav ga pod možnosti in naprednimi storitvami programa najdem.
Kaj storiti?
Druga?e pa je brskalnik Google Chrome zelo dober.
Robert
Posts: 3
Comment
Re: certificates handling problem
Reply #5 on : Sun September 28, 2008, 12:15:22
Georgi, I believe this is due to the fact that Chrome doesn't yet support client certificates. I'm sure support for it will be added before the final product is released, though.
Georgi
Posts: 18
Comment
certificates handling problem
Reply #4 on : Fri September 26, 2008, 16:25:07
In fact, Chrome is not applying all my certificates at all. I suppose this is some kind of a bug. I've imported my banking P12 certificates. When a virtual banking site needs the appropriate certificate, Firefox and IE are applying Crypto API as is needed, but the Chrome doesn't. I hope someday Google will fix this AWFUL issue...
Duane
Posts: 18
Comment
EV certs don't do what you think
Reply #3 on : Mon September 08, 2008, 06:37:27
All it takes is for one vendor to issue a certificate by mistake and all vendors cop the blame because there is nothing on the browser interface that effectively communicates who the CA responsible is.

The only websites this is useful for are companies like amazon.com, if the snakeoil sales men hadn't gotten things their way we could easily check the certs our banks use are the right ones based on the information on their stationary.

EV isn't the be all and end all everyone seems to be pushing it as, neither is SSL for that matter, which I wouldn't trust for anything other than credit card transactions especially since a Verisign rep said they would issue duplicated certs to government agencies if compelled, although I'd be interested to know which governments they'd comply with. Then of course no one is going to yank Verisign roots from browsers because their certs are too prolific, the whole thing is a big house of cards waiting to come crashing down, it's not a matter of if, but when.
Robert
Posts: 3
Comment
They had normal certs
Reply #2 on : Sun September 07, 2008, 22:56:44
Duane,

That quote was talking about normal SSL certificates. The whole point of EV certificates is to standardize and make it almost impossible for someone to get a certificate unless they are authorized to do so which will prevent these "black hat" hackers from getting a certificate for a big company or any company that they don't own. It is important for there to be a noticeable difference in the web browser between a normal certificate and an EV certificate or hackers will be able to continue using normal certificates and get away with it.
Showing comments 1 to 20 of 21 | Next | Last

Write a comment


If you have trouble reading the code, click on the code itself to generate a new random code.
Security Code:
 
Post Comment