Re: Chrome Windows Xp Certificate Error
Gifford Brickley
What it sounds like is the web site uses HTTPS and a Certificate for purposes of non-repudiation and encryption. The Web Browser is dependent upon the certificate and the PC Clock being set to relatively correct time and the correct time zone.
Using extremely outdated software increases the likelihood of errors in the process of a HTTPS site being rendered and must be expected. If you conflate this with malware and malicious activity the I strongly suggest a modern PC and software and educate yourself on the threat landscape. After all, it is... Cybersecurity Awareness Month
I set my clock by the Bureau of Standards master clock and it is more accurate than most sites that I visit. I also choose Zulu time for convenience as that is the same where ever I may physically be.
You're welcome.
You just need to add the command. Take your time, google the subject for the exact instructions. It's pretty simple and works like a charm.
And if you decide to adjust only your Google Chrome desktop shortcut this way - then make sure to always use that shortcut when launching Chrome.
MyPal and Centaury are probably the best browsers for Windows XP you can find these days. They are no longer being updated, but they can still do more than Chrome.
--
The only alternatives to them are Chinese browsers... which, while quite amazing and successfully mimicking modern browsers, I can't really recommend, as they consume vast amounts of resources and pose a security risk - lots of users complain about their data leaking to China. So, you need to know exactly what you're doing and probably pick the modified version of those instead of the official release.
--
Back to the subject. I also doubt the battery is to blame, yes, but all articles I have read about it do mention the battery as a possibility, so it's always good to consider it.
PS. You could include some screenshots (and crop them), but this really sounds like the same issue I'm experiencing myself. And if so, then it's not an actual phishing attempt, like David said.
Still, good that you're being careful. Never click on anything you're unsure about.
In many cases even very old computers will still run Windows 10. If you can't purchase a new computer, perhaps you can consider buying a new SSD drive which is much faster and install Windows 10 there are some links on how to install and in many cases the installation will work and activate for free.
I have been told that chrome used to do the client side certificates automatically but apparently does not do that any longer. dont know cant say. While I do know a lot about security , certificates were never anything I dealt with before.
And FYI_all I do have a win8.1 and win10 that I rarely use. Also a 98SE that is used more than the laptops. That is because of space problems now that I am retired for win81 and I have to set up the laptop every time I use it then restore the space to its previous usage. Win10 is just a total POS from my perspective although I know some people love it. I am just tired of learning new UIs that are harder to use to do what is needed. Next time it will be a linux distro to avoid the nonsense that microstuff does to us. Maybe if the 98SE died I would move the data and junk the desktop to make room for the win8.1 laptop.
Just remember to avoid Asian browsers. They are awesome, but they can be somewhat incompatible or, at worst, do some harm to the computer or spy on it. You need a smart IT guy to use them to their full advantage. Don't even consider them now.
There is no money in supporting an OS that is now 20 years old. Could they support it, yes. Obviously they chose not to and that's pretty much the end of it. Staying on something old is up to the user (you) to find ways to make things work.
Believe me, I loved Windows XP but I don't have time and energy to stay with XP as my main computer. I have it running well on VMware 16 for testing, etc. but that's about it.
As for all these 3rd party browser developments you have to consider that both Google and Mozilla have hundreds more developers available to them and an entire software ecosystem to help support find, reporting, repairing, exploits or other security issues. In most cases these other browser projects have less than a handful of developers and rarely find or fix exploits before they're well known and already being exploited in the wild. That alone is a main reason for staying with the larger browser market.
But, staying on XP on purpose is a chosen risk. There is no software, no antivirus, that is going to protect that OS 100%. Having an image of the entire system saved to an external USB drive or using VMware or Virtualbox is the only way to protect it well so that you can recover within minutes if something does happen to the system as it can be very difficult to build and setup Windows XP from scratch.
You can make XP work, but it takes time, dedication and lots of experimenting. And even then, each one's way of achieving that can be somewhat different, so don't count on the easy way.
Back to the main topic, the clock issue. Try googling this particular problem, you'll find that it's quite common. Lots of legitimate articles on the web.
Annoying? Sure, no doubt, especially if your clock is set correctly, as you say. But it's still not a novelty of any kind (much to my discontent, but it is what it is).
i still use 98se because it has an ap i use that does not run on later systems. it also runs rings around the xp because it is totally air gapped and i ripped all the security software out of it. i would still be using 95 if i could have changed that battery but it was buried too deep and soldered in so i gave up on that system.
i do not feel afraid of using xp. i do have mbam which is a help. and there is nothing on it that i could lose that really matters. my data is backed up. there is no financial or similar info on it. and these days xp is not really targeted like some other versions are. and i do have mbam so i am careful about ransomware phishing as mbam does not do that for xp.
like I said, if i am forced to do something it will be to use a linux distro. first ap would be libre office for word processing. then a browser. and of course mbam. actually two linuces - one large desktop totally airgapped for wp speed, audio DAW, and financial info security. the other a smaller box with mbam and limited to surfing which includes email using hotmail. also my current pop3 email client unless they finally stop supporting that at my isp.
Here is an article about Backup software. Note that as stated before. If you want to stay on XP then everything you do will require that you do more extensive research as current documentation for XP is almost non-existent these days.
well i bit the bullet and took a chance with a site that i trust and also based on belief that the error message is coming from chrome not a virus. at least i did not see any ransomware like actions next. and i had scrubbed the system with mbam before doing it. will now be doing another scrub to see if anything new shows up after clicking on the clock fix icon.
Google Chrome has been showing "your clock is ahead" errors on Windows XP. Updating root certificates from BlackWingCat's root certificates update solves the problem for now. Also The IdentTrust DST Root CA X3 certificate expired on 30th September 2021, meaning many browsers will break without a certificate update.
Looked at a couple of others and either they failed or I did not like them enough to get them installed as I had gotten chrome to work just fine for many years after firefox/foxfire self imploded on that update. If it were not for their stop regenerating certificates in the XP version I would use it till the hardware died.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
I have created a self-signed SSL certificate for the localhost CN. Firefox accepts this certificate after initially complaining about it, as expected. Chrome and IE, however, refuse to accept it, even after adding the certificate to the system certificate store under Trusted Roots. Even though the certificate is listed as correctly installed when I click "View certificate information" in Chrome's HTTPS popup, it still insists the certificate cannot be trusted.
EDIT: I tried this again on a new machine and the certificate did not appear on the Manage Certificates window just by continuing from the red untrusted certificate page. I had to do the following:
Import the myCA.pfx into the Trusted Certificate Authorities of Windows by opening (double-click) the myCA.pfx file, selecting "Local Machine" and Next, Next again, enter the password and then Next, and select "Place all certificates int he following store:" and click on Browse and choose "Trusted Root Certification Authorities" and Next, and then Finish.
As of Chrome 58, the ability to identify the host using only commonName was removed. Certificates must now use subjectAltName to identify their host(s). See further discussion here and bug tracker here. In the past, subjectAltName was used only for multi-host certs so some internal CA tools don't include them.
So whatever method you are using to generate your self-signed cert (or cert signed by a self-signed CA), ensure that the server's cert contains a subjectAltName with the proper DNS and/or IP entry/entries, even if it's just for a single host.
d3342ee215