Announcement

Collapse
No announcement yet.

Check your SSL on Chrome 66

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Check your SSL on Chrome 66

    I recommend you test your SSL on the newest version of Chrome. Version 66.0.3359.117 release on 4/18/18. Came in today to find I am getting the error "Your connection is not private
    Attackers might be trying to steal your information from store.xxxxxxxxxxxx.com (for example, passwords, messages, or credit cards)". I talked with support and they said it should have already been reissued. It has to do with Chrome invalidating Symantec SSL's which includes RapidSSL used by 3dcart. You can read about it here.
    https://knowledge.rapidssl.com/suppo...ewlocale=en_US

    Not a great message for customers to see.

  • #2
    No issues with ours. You would definitely know if the certificate was reissued. Typically 3dCart will order it, then you'll receive an email to confirm it. After that 3dCart receives the certificate to install it. At least this was the process for us every time. Ours was reissued back on 07/2017. You may want to talk to somebody else.

    Comment


    • #3
      Originally posted by JoeBTI View Post
      Ours was reissued back on 07/2017.
      I would keep an eye on it Joe. According to the site I posted yours would need to be reissued by September 13, 2018 if they haven't done so already.

      Support did successfully reissue mine and the issue is resolved. Here was their response, "Your SSL certificate for store.xxxxxxxxx.com has been reissued using the latest DigiCert Root certificate to comply with Chrome new security requirements Chrome 66."

      Comment


      • #4
        Thanks for the heads up! Will check mine as well.

        Comment


        • #5
          Originally posted by ohc View Post
          I recommend you test your SSL on the newest version of Chrome. Version 66.0.3359.117 release on 4/18/18. Came in today to find I am getting the error "Your connection is not private
          Attackers might be trying to steal your information from store.xxxxxxxxxxxx.com (for example, passwords, messages, or credit cards)". I talked with support and they said it should have already been reissued. It has to do with Chrome invalidating Symantec SSL's which includes RapidSSL used by 3dcart. You can read about it here.
          https://knowledge.rapidssl.com/suppo...ewlocale=en_US

          Not a great message for customers to see.
          We are receiving the same message. Our SSL does not expire until 5/24/18. The Chrome page is blank with warning the attackers may be trying steal your info, etc.

          SSL is up to date. PCI compliance current. This is NOT GOOD.
          Last edited by Davef; 05-03-2018, 01:43 PM. Reason: More info

          Comment


          • #6
            3Dcart has now fixed my site. I don't know how long this has been going on. One customer called and I just dismissed it as a problem at their end. Big mistake. I don't know why 3dcart didn't address it.

            Support sent a link:
            https://blog.qualys.com/ssllabs/2017...c-certificates

            Comment

            Working...
            X