mjan Posted December 1, 2014 Share Posted December 1, 2014 Hello, The provider of the template I use write me the problem of broken padlock under chrome browser is a problem of security of prestashop 1.6.0.9. You can see that at that adress : https://jcorporate.fr/authentification?back=my-account Because it said the search module runs correctly. Has Prestashop team can fix that ? Thank you for your answer Link to comment Share on other sites More sharing options...
Orphee Posted December 3, 2014 Share Posted December 3, 2014 (edited) The problem of the broken padlock with Google Chrome has nothing to do with Prestashop. The problem is with your certificate. As far as I can guess, you are using a certificate from GeoTrust, included in a 1and1 Unlimited Hosting package, right ? Problem : these certificates use SHA-1 cypher encryption, which is totally out-dated. Google has decided to drop SHA-1 support in the next monthes, and has begun to show a broken padlock in Chrome-dev when such a certificate is detected. Next step : use this broken padlock in Chrome-beta, then in a few weeks, in Chrome vanilla. So if you are hosted by 1and1, ask them to generate new certificates. I have this problem too, with my website hosted by 1and1, (Unlimited Linux Hosting package), and I already have asked them, on Twitter, for a new certificate. Their answer was : "Buy a dedicaced 1and1 server, and you will be free to manage your certificates by yourself". This is the polite words for "Go to hell, you cheap webmaster", I suppose… Edited December 3, 2014 by Orphee (see edit history) Link to comment Share on other sites More sharing options...
Orphee Posted December 3, 2014 Share Posted December 3, 2014 Mais mais mais… On est dans le forum français, ici… Pourquoi j'ai répondu en anglais, moi ?!? Link to comment Share on other sites More sharing options...
mjan Posted December 3, 2014 Author Share Posted December 3, 2014 Merci mais a priori 1&1 indique que c'est chrome qui a un soucis, que google sait est travaille à réparer avec une nouvelle version sous peu. Voilà. A quel saint se vouer Link to comment Share on other sites More sharing options...
mjan Posted December 3, 2014 Author Share Posted December 3, 2014 Et en plus je peux pas mettre chrome à jour puisque windows 8.1 indique : L'administrateur a désactivé les mises à jour. lol Un ordi tout neuf Link to comment Share on other sites More sharing options...
Orphee Posted December 3, 2014 Share Posted December 3, 2014 Merci mais a priori 1&1 indique que c'est chrome qui a un soucis, que google sait est travaille à réparer avec une nouvelle version sous peu. Voilà. A quel saint se vouer Faux et archi-faux. Google a officiellement communiqué sur leur abandon des certificats signés en SHA-1 : http://googleonlinesecurity.blogspot.fr/2014/09/gradually-sunsetting-sha-1.html et une très bonne analyse ici : https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1 1and1 ment, et il FAUT exiger qu'ils nous mettent à jour nos certificats, sinon les gens vont mettre en doute les boutiques. Je vais bientôt commencer à les harceler sur Twitter avec cette question. Link to comment Share on other sites More sharing options...
mjan Posted December 11, 2014 Author Share Posted December 11, 2014 Désolé du retard, merci pour tes obersvations Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now