4

Similar to this question, Chrome is showing the connection cryptography as obsolete. Opera, IE and Firefox seem perfectly fine with the connection.

enter image description here

My guess would be the message authentication is using SHA1, but when I view the certificate information, the only mention of SHA1 is the Thumbprint. This appears normal for Windows systems. What exactly is 'message authentication' referring to and what do I need to change server-side to fix this?

Chris Bornhoft
  • 145
  • 1
  • 1
  • 7
  • There is nothing to worry about SHA-1 for message authentication, so it is probable the leaf certificate or a chain certificate which is bad. If you would add the name of the site one could have a closer look. – Steffen Ullrich Apr 08 '15 at 15:05
  • @SteffenUllrich Thanks for the offer, I can send it to you in a chat. It's a dev environment which is why I omitted the domain. – Chris Bornhoft Apr 08 '15 at 15:25
  • As stated in the question you linked to, modern cryptography is AES_128_GCM or CHACHA20_POLY1305. You're using AES_256_CBC which, according to the issue also linked in that question, is far worse than the others. – user2313067 Apr 08 '15 at 16:07

3 Answers3

8

As described in this answer and in this commit to chrome only AEAD ciphers are considered state of the art security. It looks like that your server does not use the cipher preference of the client but instead has their own preference which looks like this:

ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
...
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
...

This means you prefer ECDHE-RSA-AES256-SHA to ECDHE-RSA-AES128-GCM-SHA256 and thus the chosen cipher based on Chromes offer will be AES256-SHA256, because it look like Chrome does not support the SHA384 ciphers. To fix it you might change the order and put the GCM ciphers on top of the preference list.

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
  • That would be it! I do have preferred ciphers listed on the server. I didn't realize Chrome doesn't support SHA384 just yet. – Chris Bornhoft Apr 08 '15 at 16:37
  • AEAD is only available in TLS 1.2, so there's more to it than AEAD. A client will trigger that warning with RC4 and MD5 on down level servers; while AES and SHA won't trigger the warning. –  Mar 07 '16 at 00:02
-1

It is actually the usage of a SHA-1-signed certificate. Everybody (including Google and Mozilla) is phasing them out.

Edit: Open that address in a new tab and take a look at the browser's console. There should be a link that will give a better explanation about what the issue really is.

DarkLighting
  • 1,513
  • 11
  • 16
  • 1
    The signature is using SHA256. Only the message authentication is using SHA1. – Chris Bornhoft Apr 08 '15 at 15:40
  • Open that address in a new tab and take a look at the browser's console. There should be a link that will give a better explanation about what the issue really is. – DarkLighting Apr 08 '15 at 17:27
-1

The website is using Sha1 certificates to provide security so the new chrome browser is showing it as week algorithm because most of the organizations already migrated to SHA2 certificates. it's just a warning it does not mean that its a non-secured connection.

Tatarao Vana
  • 139
  • 2