Forum Discussion
NimbostratusSSL error ( Yellow triangle)
HI All,
I have created SSL profile and attached to one of the VIP in the F5 load balancer . When I am trying to access the VIP through Google chrome it was showing Yellow triangle on the Lock before https:// . I installed Sha-2 certificate but i am still seeing an error encrypted with outdated cryptography" using SHA-1. please let me know if some knows how to resolve this issue
6 Replies
amolariCirrostratus
what is the exact error you're getting? Maybe it's the Cipher suite you're using?
Probably RSA is used as the key exchange mechanism. Instead, you should use DHE_RSA or ECDHE_RSA.
vvskaladhar_488HI Thanks a lot for quick response.
Please find attached imagage
TechTHi Kaladhar, can you check if you are associated the right Chain for the cert ?
- vvskaladhar_488
HI Maneesh,
Chain was provided and verified by Symantec and they confirmed no issues its a sha-2 Intermediate cert
- TechT
Seems something to do with the certificate itself, found couple of linking explaining the "obsolete cryptography". Did you tried it in any other browser what it shows ?
http://stackoverflow.com/questions/29216285/iis-tls-certificate-chrome-says-we-are-using-obsolete-cryptography http://security.stackexchange.com/questions/83831/google-chrome-your-connection-to-website-is-encrypted-with-obsolete-cryptograph
Also you can read below for the explanation on obsolete, try chasing the vendor and see their response --
Search for : Deprecation of TLS Features/Algorithms in Chrome
cjuniorNacreous
Looks like you have http resources within the https too. Are your pool members SSL offloaded? If so, uses profile http rewrite or iRule to change the "unsafe" addresses.
