Certificate warning in Chrome when using SHA-1 certificates
- Article Number: 000012496
- Products: Forcepoint Web Security, TRITON AP-WEB, Web Filter & Security, Web Security Gateway, Web Security Gateway Anywhere, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8
- Last Published Date: September 15, 2020
Notes & Warnings
Note All versions of Forcepoint Content Gateway software since 8.2 have been designed to use SHA-2 (256) certificates by default.
Important If using a Subordinate CA Certificate, and the internal organization root certificate used in the deployment is SHA-1, the issue will persist until the business root CA is updated regardless of Forcepoint Content Gateway version in place. Please consult with the certificate signer used by your organization.
When upgrading Google Chrome to version 57 or higher, you might receive multiple certificate warnings on websites that use HTTP Strict Transport Security (HSTS).
On November 16, 2016, Google announced that SHA-1 support in Chrome 57 has been removed.
After upgrading to Chrome 57 or the most current version of Chrome, certificate warnings might display in the browser for websites that use HSTS.
To resolve this issue:
Keywords: certificate error; ERR_CERT_WEAK_SIGNATURE_ALGORITHM; certificate warning; content gateway; WCG