Main Area and Open Discussion > General Software Discussion

How Safari, Chrome, and IE handle SSL

(1/1)

Stoic Joker:
So I was working with a client today, trying to get their Gmail account forwarded to Exchange Online. They were using their preferred Google Chrome browser to access their Gmail account to perform this seemingly simple action ... But it kept failing..

The error message was completely uninformative, and seemed to imply that the address to be forwarded to was not valid for some reason. However the address was indeed quite valid.

So I had them open IE in in-private mode to ensure a clean browsing environment. In the hopes of at least gleaning something in the way of an at least somewhat informative error message. IE handily obliged, and informed us that the certificate being provided by the next popup window was not valid. So Google's browser was rejecting the certificate that Google's own mail server was trying to use ... Impressive? ...Not!

Now here's the really sad part. Knowing that the client had an iPad, I told them to try and perform the same action using the Apple Safari browser ... Because it's security was such total crap that it would most likely accept anything ... And horrifyingly I was right. It sailed straight on through like it didn't even bother to look at the cert let alone ponder it's validity.

FireFox was not readily available for this test...(so wasn't included)...but I did find it rather darkly comical watching Safari fail a security check in such a spectacular fashion.

 :D

Navigation

[0] Message Index