I'm considering to buy a SSL certificate from external Certificate Authority to my web service which does not involve e-commerce. So I was planning to request the simplest class 1 cert to eliminate the scary warning message
(eg. When building https connection to a site with self-signed certificate. The chrome warns).
Your connection is not private
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards).
Back to safetyHide advanced This server could not prove that it is localhost; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to localhost (unsafe)
NET::ERR_CERT_AUTHORITY_INVALID
Through google-ing, I saw some questions
( Class 1 Certificate not accepted on android,
StartSSL class 1 certificate not accepted by browser (Weblogic 10.0.1) )
saying that their class 1 cert not accepted by some browser/environment. Although their cause seems just faulty settings.
Besides, there is an announce that Mozilla is planning to reject certificate with insecure algorithm based signature start from January 1, 2017. ( Phasing Out Certificates with SHA-1 based Signature Algorithms )
That is, there exists an announce to reject a certificate because the based algorithm is insecure. And I want to know if there is some browser/environment that reject certificate because the investigation level is too low?
In short, I want to make sure:
Is there any modern browser/machine that does not accept class 1 certificate and shows scary message to the user?
