Page MenuHomePhabricator

Chromium says "Your connection to is encrypted with obsolete cryptography"
Closed, ResolvedPublic


On clicking the green padlock icon in Chromium when is open, I get

Your connection to is encrypted with obsolete cryptography.

The connection uses TLS 1.2.

The connection is encrypted and authenticated using AES_128_GCM and uses RSA as the key exchange mechanism.

Some Chrome version says "using an obsolete cipher suite".

Event Timeline

polybuildr raised the priority of this task from to Needs Triage.
polybuildr updated the task description. (Show Details)
polybuildr added projects: HTTPS, Gerrit.
polybuildr added a subscriber: polybuildr.
polybuildr removed subscribers: Krenair, Matanya.
polybuildr added a subscriber: csteipp.
polybuildr added subscribers: Krenair, Matanya.

Also, Firefox does not complain.

Even commercial Chrome complains about this, and it's a valid complaint. Our gerrit server runs Apache 2.2 and does not have forward secrecy. There are ongoing tickets about this: (see e.g. T55259)

fgiunchedi claimed this task.
fgiunchedi added a subscriber: fgiunchedi.

@polybuildr I'm going to resolve this in favor of T55259: Add Forward Secrecy to all HTTPS sites, please reopen if need be!

Chmarkine changed the task status from Declined to Resolved.Jul 21 2015, 12:46 PM
Chmarkine added a subscriber: Chmarkine.

Why decline it? It has been resolved! Apache 2.2 now supports ECDHE. See T55259#1448222.

thanks @Chmarkine, I did miss that update! even better