Identity not verified warning

Issue: Google Chrome users may see following messages in green lock "Identity not verified" or "The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it." There is no warning on page by itself and lock in the url tab is green. Image sample:

What is going on: Microsoft and Google are driving a migration to SHA-256 (aka SHA-2). Chrome will soon warn when it sees a SHA-1-signed certificates with expiry dates after 2015 as secure but with errors, and those which expire after 2016 as insecure. Already, SSL Labs has lowered their grade for such certificates. New cPanel CSRs (November 2014) are now being generated using SHA256. If you integrate your own CSRs into cPanel & WHM (transfer from other servers), cPanel will also accept SHA384, and even SHA512.

Solution: Reissue dedicated security certificate using any WHM/cPanel version 11.46 and up. Please select 4096-bit key size in WHM "Generate an SSL Certificate and Signing Request" section. After that please contact SSL vendor for new Intermediate CA Bundle with SHA-256 or SHA-2 support. If you obtained dedicated SSL from WestNIC, please contact our 24/7/365 technical support staff for assistance. We are fully supporting following products: Thawte, RapidSSL (Geotrust) and PositiveSSL (Comodo).

  • Back to HowTos
  • 100% Managed Dedicated Servers

    • 32-64 GB of DDR3 Memory
    • 3 TB SATA III disks
    • Free cPanel/WHM
    • Free Offsite Backups

    Premium Reseller Hosting Plans

    • Unlimited Domains
    • Unlimited Users
    • Free SSL and IPs
    • Save 25% today!