Google Chrome hides SSL certificate details button

January 30, 2017
internet security technology

Until a few days ago, at least if you have not updated Google Chrome to version 56, you could simply click on the green padlock in the address bar to view SSL certificate details.

Google Chrome - SSL certificate padlock

Google Chrome now hides SSL certificate details from the padlock.

Many users who had the habit to look at certificate details to obtain information on the issuer, expiry date or SANs (SubjectAltName) would just find the missing “details” button annoying. Instead of “details” there is nonetheless a “learn more” option which opens the Chrome Help page referring to Google Chrome security symbols. This itself speaks about the intent of Google. It’s to educate users about online security rather than opening up technicalities of non interest to common users.

On 8 September 2016, the Google Security Team published their plan to strike harder against websites with poor security standards. Thus, websites that effect sensitive transactions over HTTP (e.g forms submitting password or credit card details), are now marked as non-secure.

I visited and clicked on the “sign in” link. Google Chrome displays a “Not secure” label in the address bar.

SSL certificate - "Not secure" label in Chrome

The website submits user password over HTTP which is a poor practice, hence labelled “Not secure” by Chrome.

Developers on the removal of the “details” button

The move to replace “Details” by “Learn more” was heavily discussed by Chromium developers. The Google Security Team made a proposal to bring UX changes in browsers so as to be explicit about non-secure websites. The proposal makes reference to “RFC 7258: Pervasive Monitoring Is an Attack” and several other media articles, therefore highlighting that surveillance attacks aren’t myths but real. ?

How to view SSL certificate details in Google Chrome?

That must be the question you’re asking. I thought it too, Google wouldn’t just remove that “details tab” just like that. It must still be available somewhere. In fact if you read through the Chromium developers discussion you may note that there is a general understanding that developers would know where to find it.

Navigate to Chrome menu > More tools > Developer Tools > Security tab > View Certificate Button to view SSL certificate details.

Google Chrome - SSL certificate - Security tab

Else there is a simpler shortcut by typing Ctrl + Shift + i. website compromised?

December 7, 2017
linux wordpress security

Apple MacOS root access flaw

November 29, 2017
apple macos security

IBM to withdraw support for TLS 1.0 and 1.1

November 29, 2017
ibm security