CentOS5 + Lighttpd (EPEL) – Fix Chrome Security Warning?

Home » CentOS » CentOS5 + Lighttpd (EPEL) – Fix Chrome Security Warning?
CentOS 4 Comments

Apologies if I should ask this elsewhere, google search is not helping.

I’ve got a CentOS5 server with lighttpd installed from EPEL, configured for https only (no connections on ports other than 443). I
have the latest security updates for openssl, etc. However, when connecting to the server with recent Chrome from Windows or Android, I
get the “Your connection is not private” dialog with
“NET::ERR_CERT_VALIDITY_TOO_LONG”.

Is this just a configuration issue (in which case, what do I change?)
or do I need to further upgrade one of lighttpd or openssl?

Thanks for any feedback.

4 thoughts on - CentOS5 + Lighttpd (EPEL) – Fix Chrome Security Warning?

  • Your certificate is apparently valid for longer than 39 months.

    Running your error message “NET::ERR_CERT_VALIDITY_TOO_LONG” through google returns pages and pages of information explaining this issue.

  • You need to reissue cert with stronger hash algorithm than sha1

    Eero
    21.4.2015 1.13 ap. “Bart Schaefer” kirjoitti:

  • Thanks, I just found that one myself. In fact on a different platform the error message from Chrome actually explains it directly rather than just quote the error string.

    I was too focused on restricting the search to lighttpd and not enough on the error string.

LEAVE A COMMENT