

Why does HN give me a SSL warning? (Chrome 42) - bearbin

For the last few days I&#x27;ve been getting a SSL warning when accessing HN.<p>http:&#x2F;&#x2F;i.imgur.com&#x2F;CjEG82Z.png<p>Here&#x27;s the certificate details screen:<p>http:&#x2F;&#x2F;i.imgur.com&#x2F;BRWjsvM.png<p>I&#x27;m using Chrome 42 on Debian 8.
======
pierky
Maybe something related to Chrome 42 SHA-1 sunsetting?
[http://googleonlinesecurity.blogspot.it/2014/09/gradually-
su...](http://googleonlinesecurity.blogspot.it/2014/09/gradually-sunsetting-
sha-1.html)

Server-side configs seem to be OK:
[https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombina...](https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombinator.com&s=198.41.190.47)

Cached chain with SHA-1 certs preferred over SHA-2 sent by server?

Maybe these links may help:

\- [https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=774195](https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=774195)

\-
[https://code.google.com/p/chromium/issues/detail?id=437733](https://code.google.com/p/chromium/issues/detail?id=437733)

My 2 cents

~~~
bearbin
The bugs you've linked at the bottom look like they're the right ones.

Thanks for the help, and I hope the fix gets pushed down soon.

------
mike-cardwell
I just tested on Chrome 42 on Debian 8. I'm seeing the exact same certificate
as you according to the displayed fingerprints, but I am getting no such
warning.

------
leshow
I'm also getting this warning on 42, debian 8

