[xubuntu-users] Untrusted certifiacte problems in Xubuntu 12.04 (but not Windows!)
mrzenwiz at gmail.com
Mon Jan 21 18:40:41 UTC 2013
On Fri, Jan 18, 2013 at 8:27 PM, Elizabeth Krumbach <lyz at ubuntu.com> wrote:
> Is your version of Google Chrome up to date?
Yes - Version 24.0.1312.52
> When I visit a site with
> an untrusted certificate I get a warning and a "Proceed anyway" button
> which is actually easier than having to download and add an exception
> in Firefox.
As I said, I don't.
> And can you inspect the certificate and determine what about it's
> saying is untrusted? (certificate authority, date, etc)
I've looked at the certificates, but they don't indicate what is not
valid in them.
I received a response from another list with this information that sounds right:
This is likely because your office is conducting a man-in-the-middle
attack on your traffic. This works as follows:
1. They intercept all your SSL traffic to monitor and possibly log it.
2. Since they don't have e.g. Gmail's real SSL private key, they resign
it with their own private key.
3. Since Chrome knows it's an untrusted key, they warn you.
Some offices at least acknowledge they're doing this and provide the SSL
key used for interception.
More information about the xubuntu-users