Chrome Certificate Error: Resolving Mismatched SHA-1/SHA-2 Intermediate Chain Issues on Specific Machines

When debugging SSL/TLS issues, Chrome's varying certificate validation across devices presents a particularly tricky scenario. In this case, the server (later.webblocks.nl) shows perfect validation on most systems but triggers certificate warnings on specific Chrome instances. SSL Labs and GlobalSign validators confirm the certificate chain is properly configured with SHA-2 intermediates.

The root cause emerges when comparing certificate chains between machines:

# On working machine:
Certificate chain
 0 s:/CN=later.webblocks.nl
   i:/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
 1 s:/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority

# On affected machine:
Certificate chain
 0 s:/CN=later.webblocks.nl
   i:/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
 1 s:/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
   (SHA-1 signature)

The solution requires ensuring clients always receive the SHA-2 chain. For Apache servers:

SSLCertificateFile /path/to/domain.crt
SSLCertificateKeyFile /path/to/domain.key
# SSLCertificateChainFile is obsolete since Apache 2.4.8; on those versions
# append the SHA-2 intermediate to the file named in SSLCertificateFile instead
SSLCertificateChainFile /path/to/sha2-intermediate.crt
# Protocol and cipher hardening. This does not change which intermediate is
# served (the chain file does); !SHA1 removes cipher suites that use SHA-1
# for the record MAC and says nothing about certificate signatures
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite HIGH:!aNULL:!MD5:!SHA1

For Nginx configurations:

ssl_certificate /path/to/fullchain.pem; # Contains domain + SHA-2 intermediate
ssl_certificate_key /path/to/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';

Use OpenSSL to verify the presented chain:

openssl s_client -connect later.webblocks.nl:443 -servername later.webblocks.nl -showcerts

The -showcerts output is PEM, so decode each certificate it prints with openssl x509 -text -noout (as in the validation commands at the end) and confirm that every one, the intermediate included, reports a SHA-256 (or other SHA-2) signature algorithm. Chrome's DevTools Security tab should then show consistent validation across all devices.

For enterprise environments where legacy systems might cache old certificates:

  1. Clear Chrome's certificate cache via chrome://net-internals/#ssl
  2. Update the local machine's certificate store
  3. Verify no group policies are enforcing deprecated crypto standards

When Chrome on my work machine suddenly flagged https://later.webblocks.nl as insecure while other browsers and devices showed no issues, I knew this wasn't a simple certificate problem. The SSL Labs report showed perfect configuration, yet Chrome insisted:

NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Subject: later.webblocks.nl
Issuer: StartCom Class 2 Primary Intermediate Server CA
Signature Algorithm: sha1WithRSAEncryption

Running OpenSSL commands revealed the root cause - inconsistent intermediate certificate delivery:

# Home PC (working):
openssl s_client -connect later.webblocks.nl:443 -showcerts | grep -i "signature algorithm"
Signature Algorithm: sha256WithRSAEncryption
Signature Algorithm: sha256WithRSAEncryption

# Work PC (broken):
Signature Algorithm: sha256WithRSAEncryption 
Signature Algorithm: sha1WithRSAEncryption  <-- Problem!

The Apache SSL configuration appeared correct at first glance:

SSLEngine on
SSLCertificateFile /path/to/cert.pem
SSLCertificateKeyFile /path/to/key.pem
SSLCertificateChainFile /path/to/intermediate.pem

But the chain file contained both the SHA-1 and the SHA-2 intermediate, so which one a given Chrome instance built its path through varied from machine to machine.

Modern servers should explicitly specify the intermediate chain:

# For Apache 2.4+:
SSLCertificateFile /path/to/domain.crt
SSLCertificateKeyFile /path/to/domain.key
SSLCertificateChainFile /path/to/sha256_intermediate.crt

# For Nginx:
ssl_certificate /path/to/domain_chained.crt;
ssl_certificate_key /path/to/domain.key;

The chained certificate file should contain:

-----BEGIN CERTIFICATE-----
(Your domain certificate)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(SHA-256 intermediate only)
-----END CERTIFICATE-----

Use these commands to validate your fix:

# Check delivered chain:
openssl s_client -connect yourdomain:443 -servername yourdomain -showcerts </dev/null

# Verify signature algorithms:
openssl x509 -in certificate.crt -text -noout | grep -i "signature algorithm"

# Qualys SSL test:
https://www.ssllabs.com/ssltest/
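As an added example (not code from the original page), the script below automates the "verify signature algorithms" step above and the earlier "check for SHA-2 signatures in the -showcerts output" step: it reads every CERTIFICATE block in a PEM bundle (a saved openssl s_client -showcerts transcript or a chain file works as-is), decodes just the outer DER layout of each X.509 certificate, and reports its signatureAlgorithm OID, flagging SHA-1. It needs only the standard library. The sample bundle is constructed inside the script from structurally valid stub certificates (not real or signed ones), and all function names are my own.

```python
"""Report the signature algorithm of every certificate in a PEM bundle.

Only the outer X.509 layout is decoded:
  Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
so no third-party ASN.1 library is needed.
"""
import base64
import re

# OID -> name for the signature algorithms that matter here (RFC 4055 / RFC 5758)
SIG_ALG_NAMES = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
    "1.2.840.113549.1.1.12": "sha384WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
}
WEAK_SIG_ALGS = {"sha1WithRSAEncryption", "ecdsa-with-SHA1"}
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def pem_to_der_list(pem_text):
    """DER bytes of every CERTIFICATE block; text between blocks is ignored."""
    return [base64.b64decode("".join(m.split())) for m in PEM_RE.findall(pem_text)]

def read_tlv(data, pos):
    """Decode one DER tag-length-value at data[pos] -> (tag, contents, next_pos)."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = count of length bytes
        nbytes = length & 0x7F
        length = int.from_bytes(data[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, data[pos:pos + length], pos + length

def decode_oid(raw):
    """OBJECT IDENTIFIER contents -> dotted string (e.g. 1.2.840.113549.1.1.11)."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for byte in raw[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # a clear high bit ends the sub-identifier
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm(der):
    """Dotted OID of the outer signatureAlgorithm of a DER-encoded certificate."""
    tag, cert, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = read_tlv(cert, 0)                  # skip tbsCertificate
    tag, alg_id, _ = read_tlv(cert, pos)           # AlgorithmIdentifier ::= SEQUENCE { OID, params }
    oid_tag, oid, _ = read_tlv(alg_id, 0)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("malformed AlgorithmIdentifier")
    return decode_oid(oid)

def audit_bundle(pem_text):
    """[(index, algorithm_name, is_weak)] for each certificate, in the order served."""
    report = []
    for idx, der in enumerate(pem_to_der_list(pem_text)):
        oid = signature_algorithm(der)
        name = SIG_ALG_NAMES.get(oid, oid)
        report.append((idx, name, name in WEAK_SIG_ALGS))
    return report

# --- constructed sample data: stub certificates, not real or signed ones -----
def _der(tag, contents):
    """Short-form DER TLV; sufficient for the small stubs built below."""
    assert len(contents) < 0x80
    return bytes([tag, len(contents)]) + contents

def _encode_oid(dotted):
    """Inverse of decode_oid, used only to build the stubs."""
    arcs = [int(a) for a in dotted.split(".")]
    out = [arcs[0] * 40 + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:                         # remaining 7-bit groups carry the continuation bit
            chunk.append((arc & 0x7F) | 0x80)
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)

def make_stub_cert_pem(sig_oid):
    """A structurally valid Certificate whose signatureAlgorithm is sig_oid (constructed)."""
    tbs = _der(0x30, _der(0x02, b"\x01"))                               # tbsCertificate stub
    alg = _der(0x30, _der(0x06, _encode_oid(sig_oid)) + b"\x05\x00")    # OID + NULL params
    sig = _der(0x03, b"\x00" * 17)                                      # all-zero BIT STRING
    b64 = base64.b64encode(_der(0x30, tbs + alg + sig)).decode()
    return "-----BEGIN CERTIFICATE-----\n" + b64 + "\n-----END CERTIFICATE-----\n"

# A SHA-256 leaf followed by a SHA-1 intermediate: the mix described above.
SAMPLE_BUNDLE = make_stub_cert_pem("1.2.840.113549.1.1.11") + make_stub_cert_pem("1.2.840.113549.1.1.5")

if __name__ == "__main__":
    for idx, name, weak in audit_bundle(SAMPLE_BUNDLE):
        print(f"cert {idx}: {name}" + ("  <-- weak signature" if weak else ""))
```

To run it against a live server, save the transcript with openssl s_client -connect host:443 -servername host -showcerts </dev/null > chain.pem and pass the file's contents to audit_bundle; any entry flagged as weak is a link the server is still sending with a SHA-1 signature, which is exactly what Chrome's NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM is objecting to.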