0

I was trying to get a SSL Certificate for my website using XAMPP. I am doing exactly what they tell me to do using this tutorial http://robsnotebook.com/xampp-ssl-encrypt-passwords. For some reason I get this error https://i.gyazo.com/5da7549ca6baaed8ce96d5c55c9dd7e4.png It says that "The page is insecure (Broken https).

This is my httpd-vhosts.conf

<VirtualHost *:443>
        DocumentRoot "C:\Users\Administrator\Desktop\xampp\htdocs"
        ServerName myproject
        SSLEngine on
        SSLCertificateFile "conf/ssl.crt/server.crt"
        SSLCertificateKeyFile "conf/ssl.key/server.key"
        <Directory "C:\Users\Administrator\Desktop\xampp\htdocs">
            Options All
            AllowOverride All
            Require all granted
        </Directory>
    </VirtualHost>

And I've did everything they told me to do on the tutorial, please tell me why this error appears..

Bin Flaxx
  • 11
  • 5

1 Answers1

0

That SSL Certificate has outdated certificate chain called SHA1. SHA1 was announced in late 1995 and it does not fit with current security standards according to NIST (National Institute of Standard and Technology), so almost browser and Certificate Authorities have stopped supporting SHA1 certificates. I suggest you to ask your provider to issue SSL Certificate with latest SHA2 encryption which is accepted by most of browsers. I would like to give you some reference links which will guide you in detail:

https://blogs.technet.microsoft.com/srd/2013/11/12/security-advisory-2880823-recommendation-to-discontinue-use-of-sha-1/

https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html

https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Gunjan Tripathi
  • 298
  • 1
  • 5