Google Chrome : Your connection to website is encrypted with obsolete cryptography
Problem :
While checking out if my SSL certificates installed correctly. I noticed that Google Chrome labelled the SSL connection as encrypted with obsolete cryptography.
Apparently, the website server SSL ciphers are weak and obsolete by today's standard and Chrome decided to provide the accurate nerd data(which is something good).
Solution :
I need to change the ciphers that are used to encrypt the connection. Since I'm not good with encryption stuff, I decided to use configuration from my another website which was marked as "modern" cryptography. So what I did was to copy the configuration(Apache) over and adapt to Nginx.
These are the lines in the nginx.conf file after modification :
# default settings commented out
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4;
ssl_prefer_server_ciphers on;
and after restarting Nginx. Google Chrome now sees the encryption as "modern" !
UPDATE : This is the Apache setting in ssl.conf
file :
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
Hope this simple tutorial can be useful to you.
Reference :
http://www.chromium.org/Home/chromium-security/education/tls
See also : SSL : The certificate is not trusted because no issuer chain was provided
By Adam Ng
IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.
Advertisement
Tutorials
+16.1k Golang : How to save log messages to file?
+25.8k Golang : Find files by name - cross platform example
+3.5k Javascript : How to show different content with noscript?
+11.7k Golang : Convert int(year) to time.Time type
+8k Golang : Find the length of big.Int variable example
+4.9k Get website traffic ranking with Similar Web or Alexa
+8.1k Golang : How to check if a string with spaces in between is numeric?
+4.9k Javascript : How to replace HTML inside <div>?
+15.2k Golang : Check if a string contains multiple sub-strings in []string?
+5.3k Golang : How to solve "too many .rsrc sections" error?
+9.4k Golang : ISO8601 Duration Parser example
+4.6k Clean up Visual Studio For Mac installation failed disk full problem