Ask Your Question
1

why the ssl IS red use CHROME ?

asked 2013-10-19 21:19:12 -0500

cjsh gravatar image

he site uses SSL, but Google Chrome has detected either high-risk insecure content on the page or problems with the site’s certificate. Don’t enter sensitive information on this page. Invalid certificate or other serious https issues could indicate that someone is attempting to tamper with your connection to the site.

in China,all most https is red expect GMAIL.COM ........but SAGE CLOUD not politics and humanrights,be spy?

edit retag flag offensive close merge delete

Comments

Are you saying that you suspect a "man-in-the-middle" from your computer to https://cloud.sagemath.com/ ?

rickhg12hs gravatar imagerickhg12hs ( 2013-10-19 22:29:15 -0500 )edit

2 answers

Sort by » oldest newest most voted
1

answered 2013-10-20 00:55:27 -0500

tmonteil gravatar image

updated 2013-10-20 07:00:58 -0500

This is not specific to China, but to how chrome/chromium deal with certificates. If you click on the padlock, and then on "certificate information", you should see that the certificate has been issued by godaddy. But this authority is not included by debault in chrome/chromium. You can search on the web how to import godaddy SSL certificate to chrome/chromium (this may depend on your OS), and then it should work fine.

If you suspect a man-in-the-middle attack, you can directly check if the SHA256 fingerprint of the SSL certificate of cloud is

5E 10 38 3B 82 EF E8 E5 05 FE 22 03 17 60 C9 54 68 F1 E1 9C 50 3D 0F B2 69 0F 7D 71 CF E9 82 65

and the SHA1 fingerprint should be

AA 6E 73 4B E1 86 C6 EC E0 61 E9 C3 7E F4 B5 E8 1E 78 BE 9B

(unless someone is also proxying ask.sagemath.org and changing these values on the fly...).

If this is correct, then you should click on "proceed anyway". I am not used to chrome/chromium, but there should be a way to "accept this certificate permanently", and you should do this as well: then, if the certificate changes (e.g. by a man-in-the-middle attack), then you will get a warning.

The problem with storing certificates is that some are stored system-wide, some are stored by the webbrowser, and this depends on the webbrowser and the OS, so i cannot say much more here, and you should read some informations about your configuration.

A possible solution is to try with firefox.

Another possible solution is to install Sage on your computer and use it directly.

edit flag offensive delete link more
0

answered 2013-10-21 19:48:11 -0500

cjsh gravatar image

thank both masters very much!

Go Daddy Class 2 Certification Authority----there are sha1_rsa-2048 Go Daddy Secure Certification Authority----there are sha1_rsa-2048 SAGE CLOUD.com ------button is grey ,cannot watch the finger_print

connection to the site(sage-cloud) is encrypted by aes256_cbc,but the web cannot be trusted.

chrome means not fully encrypted : Your connection to the site is encrypted, but Google Chrome has detected mixed scripting on the page. Be careful if you’re entering personal information on this page. Mixed scripting can provide a loophole for someone to take over the page. This content could be third-party scripts or videos embedded on the page. If you’re connected to the Internet via a public wireless network, mixed scripting is especially risky because wireless networks are easier to tamper with than wired networks.

this is too troube..... anyway sage cloud is run normal,so OK!

edit flag offensive delete link more

Comments

1

I did have some embedded youtube videos in the page, but I removed them due to potential security concerns as mentioned above. (But that was weeks ago.) Anyway, let me know if you have further concerns.

William Stein gravatar imageWilliam Stein ( 2013-10-22 20:49:47 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-10-19 21:19:12 -0500

Seen: 846 times

Last updated: Oct 21 '13