"Your connection is not private" on google sites
-
Hi,
I'm on Linux Mint 17.3 xfce.
After the last vivaldi-snapshot I can't enter ANY of google's sites, like www.google.com, maps.google.com, mail.google.com/mail/, translate.google.com
I get the following error:
"Your connection is not private
Attackers might be trying to steal your information from mail.google.com (for example, passwords, messages or credit cards). NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
www.google.com normally uses encryption to protect your information. When Vivaldi tried to connect to www.google.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be www.google.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Vivaldi stopped the connection before any data was exchanged.
You cannot visit www.google.com at the moment because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."
This is happening only to google pages.
However, I have no trouble visiting google pages from other browsers.
Any ideas?
Thanks
-
@astral No problems here (Linux Mint 18 KDE).
But I noticed that all your links are written with http:// instead of https://Do you have any extensions which might affect it?
Edit: I'm using Vivaldi 1.7.725.3 dev (64-bit)
-
My only extensions are Adblock Plus, "Search on youtube", and Streamkeys.
Even if I disable them nothing changes.I'm using Vivaldi 1.7.725.3 (Official Build) dev (64-bit) as well.
I have cleared history, cookies, etc. Still the same problem.
Edit: I forgot to mention that youtube is also not working.
-
@astral Well, I don't have any of those (UBlock, IMtranslator and HTTPSeverywhere)
Worth checking with a clean profile? Just rename profile folder and check.
You can rename it back afterwards.
https://forum.vivaldi.net/topic/10388/refreshing-or-cleaning-your-profile -
I just followed the steps in the link and made a clean Vivaldi prfile.
The problem is still there... no google no youtube. Just the same message...
-
@astral Very strange.
There were problems in earlier versions caused by Chromium updates but I thought they had all been sorted out.Have a look through https://forum.vivaldi.net/topic/12408/sudden-privacy-errors
Maybe some suggestions there are relevant.
-
Nothing seems to solve this problem.
Do you think reverting back to the previous snapshot would solve it or it's not worth it? -
@Gwen-Dragon I don't use a proxy. I have no problem at all with any other page. It is only giving me the message with google pages.
-
@Gwen-Dragon I did it and and all 5 components gave me "Status - Component not updated".
-
@Gwen-Dragon I have disabled all of my 3 extensions as I wrote in one of my previous posts, but the problem is still there.
What can I do about the OS's Root CA SSL certificates?
-
@Gwen-Dragon I did it, and now all components show "Status - New", but still I get this message in google pages...
Edit: I also pressed the "Check for update" on each 5 components in vivaldi://components , but only the CRLSet - Version: 3501 was updated showing: Status - Component updated.
The rest gave "Status - Component not updated" -
@Gwen-Dragon So updating the OS is the only way to go..?!
-
@astral said in "Your connection is not private" on google sites:
@Gwen-Dragon So updating the OS is the only way to go..?!
I thought that LTS should be supported until 2019 or something so you should still get updates for 17.3? I think that the problem might be something trivial but it is not easy to do a remote diagnosis. Updating your system might help. And be sure to set the date and time correctly (thats actually the most common cause for problems like this).
-
I want to also remind that in other browsers I have no problem visiting google sites. It's only with Vivaldi since the last snapshot update!
-
When visiting www.google.com I get both a SHA1 and SHA256 fingerprint. @astral What signature fingerprint does www.google.com have when visited with Vivaldi and does it match what you see in other browsers?
-
@bjorgvin I've installed chrome just to check the behaviour there.
And while it loads all google/youtube pages without a problem, at the security overview there is a warning about SHA-1 Certificate.
Specifically it says:
" The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1."Also, I came accross this: https://www.bleepingcomputer.com/news/security/google-to-show-errors-for-sha1-certificates-starting-with-chrome-56/
Edit: how can I see the fingerprint in vivaldi? Is there a way to switch to SHA256?
Thanks
-
Edit: how can I see the fingerprint in vivaldi? Is there a way to switch to SHA256?
Vivaldi should do that in the current version 1.6.
-
@bjorgvin But I'm using 1.7.725.3 (Official Build) dev (64-bit), so it should be implemented, right ? Then what is the problem..?
-
You say other browsers don't have problems, could does that apply to google-chrome-beta as well?
-
@bjorgvin With google-chrome-beta I get the exact same behavior as with Vivaldi. It gives me the "connection is not private" message and It won't load the page.
However, the standard Chrome will open all google pages regardless, simply having the red triangle sign of not secure.
Firefox will open all google pages without a problem.