Author

Topic: MultiBit.org is not HTTPS secure in my browser ? (Read 725 times)

newbie
Activity: 14
Merit: 0
it says the identity of the site is verified by Startcom
newbie
Activity: 14
Merit: 0
On Chrome (a chromebook, in-fact) and I have the green highlighted https.

Odd that it's red for you.
What does that mean for me then.. could my pc be infected or something ? or just a bug from chrome ?

just accept the certificate and download your stuff
newbie
Activity: 3
Merit: 0
Well it says the identity of the site is verified by Startcom, but also says (and this is highlighted as the issue) it's 256-bit coded and that the page also contains parts that are not secure (and it says sources could be seen by others or could be edited by hackers etc). It's written in dutch so i translated it partyly...
My time is set correct.

256-bit encryption should not be a reason for it to be considered invalid.

Odd that you're seeing a "parts that are not secure" message on multibit.org - I don't see that. I believe that is Chrome's equivalent of the 'mixed content' warning, which means that some elements of the page were served up over HTTP rather than HTTPS, which as far as I can tell shouldn't be happening on multibit.org and isn't here. Malware may actually be a possibility, perhaps something is injecting ads or something served over HTTP into the page for you?

Try the following, maybe:

  • CTRL-SHIFT-I to open the Chrome inspector window (while on multibit.org)
  • Go to the Network tab
  • Right click the column headers (Name, Method, Status, etc) and enable 'Scheme' as a column
  • Force a page refresh with CTRL-F5 with the inspector window still open.
  • Now check for anything in the list of resources fetched which has a Scheme of 'http' instead of 'https'.

If there's anything http there, that would explain Chrome's complaint, and might be indicative of something being injected (since I see nothing being linked via HTTP on multibit.org here). Perhaps malware, a proxy, a chrome extension, or even your ISP?
full member
Activity: 168
Merit: 100
It's green for me in Chrome as well.

If it's red, your browser thinks it is illegitimate, of course. Could be that someone your browser's trusted keys are borked? multibit.org's cert is signed by Startcom, maybe somehow Startcom CA cert has been ripped out of your Chrome's stash of trusted keys? No idea how, mind you, but it would explain it...

Is it possible that your machine's clock is totally wrong, set in the future? The SSL cert for multibit.org expires in Dec 2015, so if your machine thought it was past that date, that would be another explanation... you'd likely be having problems with more than Chrome though.

If you click on the lock icon beside the https, and look under the Connection tab there, it should give some further info about why it doesn't trust the cert.
Well it says the identity of the site is verified by Startcom, but also says (and this is highlighted as the issue) it's 256-bit coded and that the page also contains parts that are not secure (and it says sources could be seen by others or could be edited by hackers etc). It's written in dutch so i translated it partyly...
My time is set correct.
newbie
Activity: 3
Merit: 0
It's green for me in Chrome as well.

If it's red, your browser thinks it is illegitimate, of course. Could be that someone your browser's trusted keys are borked? multibit.org's cert is signed by Startcom, maybe somehow Startcom CA cert has been ripped out of your Chrome's stash of trusted keys? No idea how, mind you, but it would explain it...

Is it possible that your machine's clock is totally wrong, set in the future? The SSL cert for multibit.org expires in Dec 2015, so if your machine thought it was past that date, that would be another explanation... you'd likely be having problems with more than Chrome though.

If you click on the lock icon beside the https, and look under the Connection tab there, it should give some further info about why it doesn't trust the cert.
full member
Activity: 168
Merit: 100
Also green for me on Chrome, grey on firefox. which dns server do you use?

DNS-servers . . . . . . . . . . . : 195.130.130.129
                                    195.130.131.129
full member
Activity: 196
Merit: 100
Also green for me on Chrome, grey on firefox. which dns server do you use?
full member
Activity: 168
Merit: 100
On Chrome (a chromebook, in-fact) and I have the green highlighted https.

Odd that it's red for you.
What does that mean for me then.. could my pc be infected or something ? or just a bug from chrome ?
member
Activity: 106
Merit: 10
On Chrome (a chromebook, in-fact) and I have the green highlighted https.

Odd that it's red for you.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Not sure about chrome, its green with mine, but I dont use it normally.

FF says its mixed content so some parts come via http some via https.
full member
Activity: 168
Merit: 100
When i go to https://multibit.org with chrome, the site in my browser looks like this:

https://multibit.org   (instead of the secure look: https://multibit.org  .... )

Do you guys see the same thing with chrome ? Does this mean it is not HTTPS secure ? I wanted to download the wallet but this disturbs me Smiley


thanks in advance
-rnbin
Jump to: