Insecure site and Chrome browser

If you are having a problem using Vault, post a message here.

Moderator: SourceGear

Post Reply
kha
Posts: 221
Joined: Fri Sep 12, 2008 8:25 am

Insecure site and Chrome browser

Post by kha » Tue Nov 29, 2016 1:53 pm

I read about the plan that Chrome will warn users if the site doesn't use https starting from Jan 2017

https://casecurity.org/2016/11/21/the-w ... -to-https/

Currently the web-based admin Vault site that we are using is only for admin people (not developers)
The developers connect to the Vault server using the Vault client
Will this warning and change have any affect on the web-based users and the Vault client users (developers)? Just double check
From attending to the Symantec webinar, Chrome doesn't care if the website is internal or public, it just gives the warning
https://www.brighttalk.com/webcast/1058 ... ebiner-cta
http://img.website-security.symantec.co ... nmore-left

Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Re: Insecure site and Chrome browser

Post by Beth » Tue Nov 29, 2016 3:36 pm

The Vault client doesn't tie into the browser at all so you shouldn't see anything. The web pages though will get a complaint in Chrome unless they create a way to mark something as exempt from the warning.

You also have the option of using an SSL certificate with Vault. You could either purchase one from a third party, or set up your own Certificate Authority internally to generate one, and then install the certificate to the website until which Vault runs.
Beth Kieler
SourceGear Technical Support

kha
Posts: 221
Joined: Fri Sep 12, 2008 8:25 am

Re: Insecure site and Chrome browser

Post by kha » Tue Nov 29, 2016 3:38 pm

Thanks, Beth for the confirmation

Post Reply