Google Chrome HTTPS Warnings - portal.simwood.com
Incident Report for Simwood
Resolved
The affected certificates have been removed from portal.simwood.com and replaced with an EV SSL certificate.

Please accept our apologies for any inconvenience that this may have caused.
Posted 6 months ago. Feb 07, 2017 - 16:56 UTC
Identified
We are aware that the latest version of Google Chrome (57) no longer trusts the certificate presented by https://portal.simwood.com - this will be resolved within the next 24 hours, we are currently awaiting issue of a replacement certificate.

The security and functionality of the portal is not affected, and you can either choose to ignore the warning or use another browser.

HTTPS provides two benefits; encryption and identity verification. Your session is encrypted identically whether a simple 'self-signed' certificate is used, but third party Certificate Authorities (CAs) 'sign' commercial certificates to provide identity verification - i.e. to ensure that portal.simwood.com is operated by Simwood. It is this verification that has been rescinded in the in the latest version of Google Chrome.

Our certificate was previously signed by StartCom, who were considered a reputable CA. Unfortunately, following their acquisition by WoSign, it has become apparent that their standards are such that they can no longer be considered a trusted source of identity verification. As such, Google (along with Apple and Mozilla) no longer trust certificates signed by StartCom

The full Google announcement can be found here https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html

We apologise for any inconvenience this causes and would like to assure you that the warning you are seeing is not a cause for concern.
Posted 6 months ago. Feb 07, 2017 - 10:25 UTC