[SSL Observatory] www.torproject.org certificate chain fails to validate in Chrome on Windows
Chris Palmer
snackypants at gmail.com
Wed Jan 4 16:45:20 PST 2012
I can't reproduce the problem on Chrome 16.0.912.63 m on Windows 7. I
connect fine with no errors, and it passes Chrome's preloaded public
key pinning check. Perhaps the chain you are getting fails the pinning
check? (Check the SHA-1 hashes of the SPKIs of the certs in your cert
chain against the hashes found in chrome://net-internals/#hsts . Also,
the error page should mention something about absolutely not being
able to proceed because Chrome is certain that the certificate chain
is wrong.)
On Wed, Jan 4, 2012 at 4:23 PM, Ondrej Mikle <ondrej.mikle at nic.cz> wrote:
> Try to connect to https://www.torproject.org in Chrome on Windows. Latest
> Chrome (16.0.912.63 m) will give you "invalid signature" warning.
--
"These days, though, you have to be pretty technical before you can
even aspire to crudeness." — William Gibson
More information about the Observatory
mailing list