Don’t panic! Google is hurrying the website owners to upgrade their SSL Certificate, otherwise they will receive warning

Disclaimer: Every news/article published at Hacking Scams™ is not for hacking purposes. It is to promote awareness and to secure cyberspace. We never promote hacking through our articles. If you find anything inappropriate as similar to hacking, report us here.

For Visitors/Customers

After you visit any secure website like https://www.facebook.com or https://www.google.com, if you see green lock icon in the location bar as 1. Don’t panic! There is no security loophole. Website administrator uses SSL certificate to make their website secure as ‘https’. SSL certificate is proposed to provide benefits like confidentiality, reliability and identity.

While you use any public Internet (Like public Wi-Fi at cafe, coffee shop or airport), hackers are able to sniff/catch traffic between your computer and router (Like Wi-Fi router). But when you visit any secure website as ‘https’ website, your data get encrypted by your browser and hacker faces difficulty to decrypt encrypted data. For example ‘hackingscams’ could be encrypted as ‘smacsgnikcah’. But it is easy to decrypt it, as characters are written from last to first.

But SSL Certificate uses much complex encryption algorithm (formula), which hackers are not able to decrypt as complex decryption process. Only browsers and website servers are able to decrypt SSL traffic. SSL certificates benefit as integrity will protect your data from being modified without your knowledge.

Google is going to release Chrome version 39 with number of fixes and improvements. So you will see green lock icon 1 as 2in the location bar. You can further click on green lock icon with yellow triangle to read warning with explanation. You need not to worry as you are not being hacked or monitored. Secure website administrator will upgrade their SSL certificate soon, so that you see only 1 in the location bar.

 

For Website Owners

As already said, Google is going to release Chrome version 39 with number of fixes and improvements. So if your website is using SSL Certificates with signature algorithm as SHA 1, Google has started or will start issuing warning.  For SSL certificates valid till 1st January, 2017, warning will be issued as yellow triangle on green lock icon 2 in the location bar. Because SHA 1 algorithm is confirmed as unsecure algorithm and Google has declared that “Number of secure website uses this unsecure algorithm”, so it is stated as, “Slow-motion Emergency.”

Website owners don’t panic! There is no security loophole. You have to upgrade your SSL certificate as soon as possible. If you want to know that, which signature algorithm your secure website is using, you have to open your website in Chrome Browser. Click on the green lock icon in the location bar as shown in picture.

3

Then click on ‘Connection’, after that click on ‘Certificate information’ and at last click on ‘Details’.  You will be able to see somewhat like the image as shown below.

4

For Signature hash algorithm – If you see SHA-1, you need to immediately reissue your certificate using SHA-2 and install the new version. But if you have installed updated SSL Certificate and see something as SHA-256 which is one of the SHA2 hashing function, it does mean that you have secure and compatible SSL Certificate. And, Chrome will not issue yellow triangle on green lock icon.

It is something serious, because with warning training in location bar will give indication to your site visitors as something wrong. So you have to reissue your certificate as soon as possible and upgrade it to SHA-2.

For this, you have to visit your SSL provider website. For example, if your SSL provider is GoDaddy, do sign-in there and open your SSL panel. They will have option to reissue upgraded SSL certificate. If they don’t have option, then contact them by creating a ticket at their website. You have to resubmit your CSR (Certificate Signing Request) to them with SHA-2 or SHA-256 or another SHA-2 compatible function. And, after they approve your request and provide you upgraded SSL Certificate, you have to configure it in your website. In case you are not able to configure at your website do contact your site administrator or developer.

Note: Please don’t forget to share this article with site administrator and general people. So that they don’t panic when they see yellow triangle on green lock icon on a secure website. Further I do always recommend you to stop using Public Wi-Fi. Otherwise you could be hacked, because a hacker knows many methods to sniff/catch SSL traffic by making use of vulnerability (Weakness) in router (Like Wi-Fi Router). At Hacking Scam website, it is our duty to update and secure you with latest technology update and by leaking out Hacking Scams news.

Subscribe to Hacking Scams

    

Like us on Facebook

CEO and Ethical Hacker at EH1 Infotech™ | Technology Certified™ (Units of Baghla Technologies Private Limited). President at Anti Hacking Welfare Society, India. Founder, Author and Editor at Hacking Scams™. Visit his Official Website. Stay alert people, it’s time to fight back against hacking scams and security threats.


  • Facebook(0)
  • Google Plus(0)
  • Disqus(0)
Join Our Mailing List

Don’t miss latest Hacking and Security news delivered at your email from the cluster of Hacking Scams™ articles.

Enter your email address:

CLOSE