Please help, we have a weird scenario where some Chrome user on Version 87.0.4280.88 (Official Build) (32-bit) get the information not secure page as referenced in
This error just started today 12/12/20 for these users. If you look at the screen shots you can see there are no mixed content or insecure resources loaded.
The next set of screen shots are here to provide additional details of what we see in the browser when the user clicks the login button and get the error page
I can be reached by cell phone below. Thanks for any guidance you can provide.
Empowering health insurance e-marketplaces.
To unsubscribe from this group and stop receiving emails from it, send an email to security-dev...@chromium.org.
Thanks for the response.
We use AWS Load Balancer in a TLS Termination(Off Loading) Configuration
From what we can tell the form is submitted over HTTPS but the response from the web server over HTTP to the Load Balancer is making it all the way to the Client’s browser(Chrome) instead of being terminated and converted to HTTPS. We submitted an issue to AWS however we believe the message presented to the consumer from Chrome is a false positive since the form does get submitted over HTTPS and it’s the response that is HTTP.
To resolve we had to move to a SSL Bridging Configuration basically making SSL Off Loading pointless
Hope this helps.
We agree something is happening at the Load Balancer layer that’s pushing the HTTP redirect response all the way up to the client browser, however my point is that the HTTP is in the response and not part of the submission which the Google Warning page seems to imply.