Google Chrome : Your connection to website is encrypted with obsolete cryptography

Problem :

While checking out if my SSL certificates installed correctly. I noticed that Google Chrome labelled the SSL connection as encrypted with obsolete cryptography.

obsolete encryption

Apparently, the website server SSL ciphers are weak and obsolete by today's standard and Chrome decided to provide the accurate nerd data(which is something good).

Solution :

I need to change the ciphers that are used to encrypt the connection. Since I'm not good with encryption stuff, I decided to use configuration from my another website which was marked as "modern" cryptography. So what I did was to copy the configuration(Apache) over and adapt to Nginx.

These are the lines in the nginx.conf file after modification :

 # default settings commented out
 # ssl_protocols  SSLv2 SSLv3 TLSv1;
 # ssl_ciphers  HIGH:!aNULL:!MD5;
 # ssl_prefer_server_ciphers on;

 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;

and after restarting Nginx. Google Chrome now sees the encryption as "modern" !

modern encryption

UPDATE : This is the Apache setting in ssl.conf file :


Hope this simple tutorial can be useful to you.

Reference :

  See also : SSL : The certificate is not trusted because no issuer chain was provided

By Adam Ng

IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.