This happens when you update from Chrome 55 to Chrome 56 (56.0.2924.87).
This is an increase in security enforcement.
It doesn’t go away by restarting the browser, and it’s not a bug.

Mountain View says it’s hoping you don’t ever encounter the message,
because Certificate Authorities are required to stop issuing SHA-1
certificates in 2016. Just in case, Google plans to continue issuing
warnings until Chrome completely stops supporting SHA-1 on January
1st, 2017. When that day comes, a website that still uses the function
will trigger a fatal network error.

If this happens, the most-likely cause is that your (or the website’s) SSL-certificate uses SHA1.
SHA1 is broken, and SSL certificates using SHA1 are not secure anymore (it’s now been a long time that Chrome showed this to you – now it blocks NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM).

Another likely cause is that your SSL-certificate expired
Also, you should disable backwards-compatiblity with SSL2 & SSL3 (Poodle Attack).
You should only be using TLS (SSL 3.1+).

To test your domain’s SSL-certificate, you can use SSL labs SSL test.

To find out what exactly the issue is:
Open the chrome developer console (CTRL + SHIFT + J OR F12)
And change to the security tab




For more information:


SHA-1 has been growing weaker and more insecure everyday for a decade
now, which is dangerous considering we tend to trust websites with
“https://” in their URLs. Other browsers like Mozilla Firefox and
Microsoft Edge also plan to stop supporting it in an effort to
encourage website owners to switch to more secure SHA-2 certificates
as soon as possible.

If you urgently need to get around it (you need to close all running instances of Chrome first – otherwise it won’t work):

chrome --args --ignore-certificate-errors

Please note: don’t go online-banking or gmail’ing with those command-line settings active in your Chrome instance.

Leave a Comment