Updates:
Status: WontFix
Labels: -OS-Mac OS-All
Comment #2 on issue 477627 by
d...@chromium.org: 'Thawte Premium Server CA'
is invalid?
https://code.google.com/p/chromium/issues/detail?id=477627
The error for
https://rpp.rpdata.com/rpp/login.html is simply a
yellow-triangle mixed-content warning.
That usually means the secure webpage
https://rpp.rpdata.com/rpp/login.html
is also loading some regular/non-secure(HTTP) content.
The websites
https://email.virginaustralia.com and
https://policy5.responsys.net/permission.htm have Red HTTPS X/slash because
these websites uses outdated SHA-1 security settings. That means your
connection to these websites is not secure.
Please send a support request to the website owner/admin and provide them
with this info:
https://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
Sites with end-entity certificates that expire between 1 January 2016 and
31 December 2016 (inclusive), and which include a SHA-1-based signature as
part of the certificate chain, will be treated as “secure, but with minor
errors”.
Sites with end-entity certificates that expire on or after 1 January 2017,
and which include a SHA-1-based signature as part of the certificate chain,
will be treated as “affirmatively insecure”. Subresources from such domain
will be treated as “active mixed content”.
The current visual display for “affirmatively insecure” is a lock with a
red X, and a red strike-through text treatment in the URL scheme.
This is the expected display starting Chrome 42 and onwards and not an
error.