IT Services Alerts - Resolved: 'Weak cryptographic key' message in Google Chrome on accessing some College services

Updated: Wednesday, 18th April 2012, 9am

A new security certificate has been installed which provides a higher-security SSL key meaning that users of Google Chrome will not get the 'weak cryptographic key' message when accessing the services outlined in the initial post below.

IS Services

First Posted: Thursday, 12th April 2012, 5pm

Several users of the Google Chrome web browser have reported seeing the message below when accessing certain College portal services such as the Student Information System,  Epay (Fee payment system), Student Finder, Research Support System, Telephone Billing System, Asset Register and PAC.

The message states ‘The server certificate contains a weak cryptographic key’ and is caused by an industry move to require higher-security, 2048-bit SSL keys while many older certificates have smaller key sizes. Google’s Chrome web browser now shows a warning on any site which still uses the older key sizes. This error is not reported by Internet Explorer or Firefox browsers which do not yet enforce the higher security standards.

The security certificate relevant to the affected services is due to be replaced soon and so the message will no longer display after that point.

IS Services

The server certificate contains a weak cryptographic key