That is a generic error message when Chrome does not have a more specific error to show.
Something else I would try is to use something like the openssl command line to verify the certificate. You can use the command "openssl s_client -connect server_name:443" to have OpenSSL tell you what certificate is actually being served. Once it gets to the end of the output, it will appear to hang - it is actually waiting for input, so you can just stop it. The output should show you the protocol and ciphers that were in use. Example: [image: Inline image 1] What does yours say? - Y On Fri, Jun 26, 2015 at 1:21 PM, Cohen, Laurence <lco...@novetta.com> wrote: > Thank you. Chrome says "You cannot visit website xxx.yyy.com right now > because the website sent scrambled credentials that Chrome cannot process. > I'm not sure where these credentials are coming from, but I'm assuming this > is the .crt files in httpd/conf/ssl.crt. > > Thanks, > > Larry > > On Fri, Jun 26, 2015 at 1:16 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: > >> When Chrome does not show the coninue option, it usually has an >> additional error message where the button would be that shows more details. >> For example, this is an HSTS error: >> http://blogs.msdn.com/cfs-filesystemfile.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-47-13-metablogapi/8446.chrome37_5F00_404325B2.png >> >> Microsoft lists several reasons that the continue button would not be >> shown in IE. >> http://blogs.msdn.com/b/ieinternals/archive/2014/02/02/10481591.aspx >> >> The error page’s *Continue* link is hidden: >> >> 1. If the certificate is revoked >> 2. If the certificate is deemed insecure >> >> <http://blogs.msdn.com/b/ieinternals/archive/2012/06/13/windows-internet-explorer-block-rsa-key-shorter-than-1024-bits.aspx> >> (e.g. >> contains a 512-bit RSA key) >> 3. If the page is in a “pinned site” instance >> >> <http://blogs.msdn.com/b/ie/archive/2011/03/11/internet-explorer-9-security-part-3-browse-more-securely-with-pinned-sites.aspx> >> 4. If group policy is set to Prevent Ignoring Certificate Errors >> >> >> The article is old, but I believe these are still correct. >> Could one of those be your issue? >> - Y >> >> On Fri, Jun 26, 2015 at 1:06 PM, Cohen, Laurence <lco...@novetta.com> >> wrote: >> >>> Thanks for the response Yehuda. Unfortunately Chrome doesn't give me >>> this error. It just tells me that my connection isn't private. When I >>> click on advanced there is no option to go forward to the web server like I >>> get on some of the other servers I work with. >>> >>> Larry Cohen >>> >>> On Fri, Jun 26, 2015 at 12:33 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: >>> >>>> I have seen this happen when you send an HSTS header. The Chrome error >>>> would say that specifically. >>>> A workaround would be to install that certificate on your system (with >>>> the mmc certificate snap-in) so that it becomes a trusted certificate - >>>> trusted site in IE is not enough. >>>> >>>> - Y >>>> >>>> On Fri, Jun 26, 2015 at 10:54 AM, Cohen, Laurence <lco...@novetta.com> >>>> wrote: >>>> >>>>> I have a test server on which we have a self-signed certificate. I >>>>> get the error "There is a problem with this website's security >>>>> certificate." which is expected because I'm using a self-signed cert. >>>>> Normally I click on "Continue to this website (not recommended)." and it >>>>> goes through to my website without a problem. Now, however, the only >>>>> thing >>>>> that happens is that the link mentioned in the last sentence disappears, >>>>> and I don't get to my website. >>>>> >>>>> I'm using IE currently, but I've also tested in Firefox and Chrome and >>>>> I basically have the same problem. The apache version is 2.2. I looked >>>>> around for a solution, and I've added my site to the trusted sites as >>>>> recommended, but it still doesn't work. I looked in the error_log and I >>>>> don't see anything except a child connecting and then disconnecting right >>>>> after that. >>>>> >>>>> Any suggestions would be appreciated. >>>>> >>>>> Thanks, >>>>> >>>>> Larry Cohen >>>>> >>>> >>>> >>> >>> >>> -- >>> >>> [image: www.novetta.com] >>> >>> Larry Cohen >>> >>> System Administrator >>> >>> >>> 12021 Sunset Hills Road, Suite 400 >>> >>> Reston, VA 20190 >>> >>> Email lco...@novetta.com >>> >>> Office 703-885-1064 >>> >>> >> > > > -- > > [image: www.novetta.com] > > Larry Cohen > > System Administrator > > > 12021 Sunset Hills Road, Suite 400 > > Reston, VA 20190 > > Email lco...@novetta.com > > Office 703-885-1064 > >
