(9 votes, average: 5.00 out of 5)
Loading...How to view an SSL Certificate in Google Chrome 56
(9 votes, average: 5.00 out of 5)Loading...Google’s latest Chrome updated has made it more difficult to view SSL Certificate details
Google Chrome version 56 was released at the end of January. It features a number of significant changes, one of which is the relocation of a website’s SSL certificate details.
The average internet user will probably write that change off as insignificant. It’s not, though. Checking a website’s security certificate information is actually good security hygiene. Unfortunately, it’s a lot like flossing, though—you may know you should be doing it, but you’re probably not.
Why Should You View SSL Certificate Information?
Let’s start from the beginning. According to a 2017 consumer study by Gemalto, just 16% of respondents understand what SSL even is or what encryption does. And that’s the first problem. Encryption is what keeps your sensitive information safe when you visit websites. Without writing you a Wikipedia page on it, a website gets an SSL Certificate so it can encrypt communication with its visitors. Without SSL and the encryption it enables, connections between websites and visitors are made via HTTP, which is not secure. This means all communication – and by extension, data – that is shared can be intercepted and either stolen or manipulated by anyone who wants to. SSL allows websites to make connections via HTTPS (HTTP’s older, more secure sibling). This protects sensitive data in transit.
So, that’s important. But if the encryption function of SSL is not well known, the authentication function gets even less attention. SSL Certificates do more than just enable encryption, they validate the identity of the website’s owner. There are three validation levels: Domain Validation (DV), Organization Validation (OV) and Extended Validation (EV). DV SSL only requires proof of site ownership for issuance, but OV and EV offer business authentication, which put verified business details in the site’s SSL Certificate information.
So, now let’s answer the questions we just posed: Why should you view SSL Certificate information?
Because in a lot of cases it’s the only way to know for sure that you’re on the right website. Hackers and cybercriminals are incredibly adept at tricking people. Cyber attacks are incredibly prevalent. They affect all size of companies, 91% of the world’s corporations have been targeted, but 70% of the world’s small and medium-sized business have also been victimized too (per Symantec’s 2016 Global Threat Report).
That means that you can never be too safe. Checking a site’s SSL details is like looking through the peephole before opening your door. You’re probably 99% sure that you know who’s knocking. But a quick glance is still prudent, just to be safe.
Chances are, you’ll pull up the Certificate information, see the company in question is the registered owner of the domain and continue on with business as usual. Or maybe you notice something peculiar, it’s registered to a different entity or there is no verified company information at all. Checking could be the difference between getting phished or not.
It may seem trivial, it’s really not.
Ok, So How Do I View SSL Certificate Details in Google Chrome?
Google has placed a help page where the site’s SSL Information used to be located. If you want to find the new location of a site’s SSL info, you need to do the following:
- Open Developer Tools
To do this, click on the Chrome menu (⋮)
Then select More Tools -> Developer Tools
- Select the Security tab, it’s the second tab from the right.
- Choose View Certificate. This will open a new window with all of the relevant information in it.
You can use keyboard shortcuts to find the new location of a site’s SSL info
| OS | Keyboard Shortcuts | |
| Windows and Linux | Ctrl + Shift + i | F12 |
| Mac | ⌘ + Option + i |
And that’s all there is to it. Google has added a few more steps to finding this information – it used to be available by clicking the padlock icon in the address bar and selecting “details” – but it’s still not difficult to find it.
And hey, we realize it may sound silly to say that you should always look for SSL information when visiting a website—it’s really not though. Even when Google tells you a website is “Secure,” that doesn’t mean the site is safe. Many criminals are using DV SSL Certificates to get their spoofed websites labeled as “secure.” All the “Secure” indicator means is that your connection with a website is encrypted. There’s no guaranteeing who is on the other end of that connection. It could be who it claims to be, or it could be a Russian hacker, a Chinese hacker, some 400-pound guy in basement in Jersey. Who knows.
Not you—unless you check the site’s SSL information. So start checking.
