HTTPS encryption is the foundation of Internet security building, Baidu, Taobao, Lynx and other Internet giants to enable more and more site-wide HTTPS, also led to more sites to join the ranks of HTTPS encryption. Ordinary users gradually understand HTTPS is more secure than HTTP, first observed when accessing online banking, shopping and other important site have HTTPS encryption.
But in the daily course of the visit, users may find that some HTTPS sites are green, some are red, some display a security lock, but some exclamation mark is displayed. Since different browsers brands, different versions, for identification symbol HTTPS security status is also somewhat different, a little puzzled many users. This article describes summary display different states of HTTPS latest version of the browser.
Google Chrome
1, secure browser connection (Conection Security) sub-four states
HTTPS security-related identity varied, but the basic state is divided into the following four, Google's security identity is also based on a breakdown of the four states.
· Effective HTTPS (EV HTTPS and general HTTPS)
· HTTPS small error (security, there is a small error)
· HTTPS large error (invalid HTTPS, identify unsafe)
·HTTP
2, in July 2016 the latest version of Chrome security identity
Based on user research and understanding of the design challenges faced by the browser, Google proposed a set of new browser security identity for the effective performance of HTTPS, HTTP insecurity ( "HTTPS small error" the same as "HTTP unsafe" to use logo), invalid HTTPS secure.
In addition, the combined use of a complementary set of strings, allowing users to more easily understand the meaning of safety signs.
• For effective HTTPS: display "secure" and "https", with green safety lock
• For HTTP: display "http" and "site not secure", with black circles
• For invalid HTTPS: display "not secure" and "site not secure", with the red warning triangle
3, Chrome 56 warning SHA-1 and HTTP page logo
In order to allow more users to understand the use of unsafe sexual insecurity SHA-1 certificates and plaintext HTTP page. Released by the end of 2017 1 Chrome 56 will SHA-1 certificate is displayed as "invalid HTTPS", the input of sensitive information HTTP page labeled "HTTP unsafe."
SHA-1 Certificate
Chrome browser blocks SHA-1 progressive implementation of the plan in two steps, in order to give the user sufficient transitional period, before Chrome 56 browser version, for before January 1, 2016 issued for a period not more than 2017 and January 1, SHA-1 certificate day, still neutral black circle logo, are all safe text.
But from the beginning of Chrome 56, will stop supporting all issued by a public CA SHA-1 certificate (including intermediate certificate and root certificate terminal), all SHA-1 certificates marked as "invalid HTTPS", a red warning triangle. SHA-1 certificates issued by the PKI kangaroo must set up a local trust anchors, anchor not set local trust policy SHA-1 certificate will also display untrusted.
HTTP page
HTTP page in plain text transport protocol does not provide data encryption and authentication in any way, the transmission of data in the eavesdropping, tampering, posing among the three major risk. Previously, the browser does not have any safety tips for HTTP page, but then the relatively more secure HTTPS page contains a small error warning display, allowing users to mistakenly believe HTTP page more secure than HTTPS page contains minor errors.
In order to allow users to more clearly distinguish between the two, Chrome 56 version of HTTP page will officially marked as "unsafe", follow the neutral black circle logo, but adds a string Not Secure remind.
This prompt appears only in the current page input sensitive information, such as passwords or credit card information with the transmission of HTTP page, the next page will expand to more HTTP, the security identity will be gradually upgraded from neutral black circle in red warning triangle, and identify as invalid HTTPS.
If you need to eliminate https red triangle logo, you need to download the security certificate to a local directory, and then import the settings menu you can use the browser the following certificate management options.
How to export the certificate?
The result of the browser to distinguish between different large, chrome browser certificates in the electronic development tools.
So first open the URL, then enter f12 Developer Tools, and then click the security options, click on the view cerfiticated observation. Click Details, and then export the certificate to a local directory under.
How the browser to import a digital certificate?
https://jingyan.baidu.com/article/ce43664919d1383773afd39f.html