Solved

Since installing webroot, SSL lock not secure in chrome


Since installing webroot, SSL lock not secure in chrome but little gold lock does show in webroot icon by clock.
Am i truly secure?
 Why does Chrome not show me a complete lock? Elements of page are not secure..
 
Please advise
icon

Best answer by Baldrick 5 May 2014, 15:36

View original

14 replies

Userlevel 7
Hi webwiz
 
I am not sure what you are referring to when you say 'SSL lock not secure in Chrome'...are you referring to the padlock & yellow triangle that one should see on the lefthand side of the Chrome address bar when an https site is being accessed?  If so then you will only see that when HTTPS is the protocol used rather than HTTP.
 
In terms of the WSA-related golden padlock symbol in the notification tray icon...that is a complete separate thing and you should see that regardless of the protocol being used, i.e., WSA is protecting you on BOTH HTTPS AND HTTP, if you are using a supported browser...all the main ones are supported including Chrome.
 
So, YES, you are protected in the scenario you described.
 
Hope that helps?
 
Regards
 
 
 
Baldrick
Yes, I am referring to the padlock & yellow triangle on the lefthand side of the Chrome address bar. Since installing Webroot, all HTTPS websites i go to, (my bank, etc)including any webroot pages, such as the one i am on right now, only shows the padlock & yellow triangle. I do not get a complete lock like i used to. It tells me there are non-secure elements on the page that can be interecepted, etc.. Before Webroot, all HTTPS pages were locked. I am using the latest update of Chrome.
 
(Yes, the WSA-related golden padlock symbol in the notification tray icon is there and working fine..)
 
 
https://www.dropbox.com/s/pn3c61u7qngrxqk/Screenshot%202014-05-05%2008.20.29.png
 
 
 
 
Also, when a webpage is first loading, i see the green text and lock in chrome.. When the page is fully loaded, it reverts to the padlock & yellow triangle .. Just an FYI
Userlevel 7
Hi webwiz
 
Thanks for cinfirming what we are discussing. ;)
 
The behaviour that younare seeing is identical to that which I am seeing but I cannot explain the reason for the apparent change in Chrome's behaviour.  I will do some research on that and look to get back to you.
 
All I would say at present is to reiterate that if the padlock symbol on the WSA icon is present then you are protected by WSA's features covering the web.
 
Regards
 
 
Baldrick
I am glad you see the same thing. This is only happening in Chrome. I look forward to your reply. I dont feel completely secure, especially at my bank.
Userlevel 7
Hi webwiz
 
OK, no problem. Understand that it is a matter of trust...but have used WSA like this my bank, for a while, and no issues so far.  But will see what I can find out re. this.
 
Regards
 
 
 
Baldrick
 
Userlevel 7
Hi webwiz
 
Been doing some research and this appears to be a long standing 'issue'...which has surfaced previously.  However if you click on the chrome triange you will see certificate what does mean that the site is definately operating under HTTPS.
 
In fact the VP of Endpoint Solutions JoeJ advised as follows on this subject:
 
"This is an unavoidable behavior because Webroot changes the content of search result pages by injecting content into them for the search result annotation. This will happen with any product analyzing search pages (unless they're lying to Chrome) but it doesn't affect performance or the behavior of Chrome."

 
Apparently, this is only going to happen on Chrome (partly due to their sandboxing).  Please see here if you woud like to follow/check the whole conversation on the subject.
 
So the Development Team are aware of the 'issue' but as it seems to be something specific to Chrome I am not sure what more they can do...and as JoeJ says latter in the referenced thread:
 
"The web filtering extension is important to protection and I would strongly recommend leaving it enabled. The Chrome warnings are superficial and not indicative of any underlying problem with the websites you're visiting. I'll have the team look into what we could possibly do to avoid this but it is due to how Chrome's sandbox works and how plugins are forced to integrate with websites so there may not be a workaround available."
 
These pronouncements have reassured me and I am happy with the current position...but appreciate that you may well not be.  If that is the case then I would suggest that you Open a Support Ticket and follow up with the Support Team as to what, if any, further progress has been made in terms of a workaround or resolution.
 
Apologies I cannot provide more but hope that this answers your enquiry?:D
Regards
 
 
 
Baldrick

 
Userlevel 7
Hi Baldrick,
 
A Big Kudo for such detailed explanation of this issue!
And well-dersved bagde for the best Detective;)
 



 
 
Many thanks! :D
 
 
Regards,
 
Mike
Userlevel 7
Awww, Guys...you are too kind...:smileyembarrassed
 
All I really was a little bit of research and then point in the right direction...nothing more.
 
Regards
 
 
 
Baldrick
I certainly appreciate your research and pointing me to the thread discussing the issue as far back as Oct2013. Now i understand the issue and realize its a cosmetic one. I hope WR can get a fix at some point, but for now i know i am safe at my bank, etc. using Chrome. Thank you, Baldrick. You rock. 🙂
Userlevel 7
Hi webwiz
 
You are most welcome...it is always a pleasure to help a fellow users...and to learn as a result. :D
 
I cerrtainly share your hope re. an eventual solution to this cosmetic issue. ;)
 
Hope to see you around in the discussions and fun that go on here?
 
Regards
 
 
Baldrick
 
Userlevel 7
Well deserved kudos Baldrick!  
Userlevel 7
Thank you, Jeff...but you are too kind...;)
Userlevel 7
Well, thank you Baldrick.  Sadly, I did my own researching and was able to duplicate this issue on all 4 browsers (IE, Chrome, Firefox and Opera).  I posted my findings in the other thread that you referenced earlier. Let's see what happens.

Reply