Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Browser metrics (bam.nr-data.net) SSL Cert

rfb

#1

I’ve recently noticed that browser monitoring metrics are submitted to bam.nr-data.net, which is presently using a SHA-1 certificate.

Firefox gives a security warning in the console on all sites that are still using SHA-1.
Any idea what the plans are to update to SHA-2?


#2

Hi Steve,

Great question! I am researching into this and will let you know when I have an answer. Thank you for your patience!

Cheers,

David Affinito
Technical Support Engineer
New Relic


#3

Hey David,

we also received the first compliants from our customers. Were you able to find a the date
when you plan to migrate this certificate to a stronger signature algorithm?

Cheers
André


#4

Hi Andre,

I apologize, I’m still waiting to hear word on when this may be implemented. When I have more information, I’ll update this thread. Thank you for your patience!

-DAvid


#5

Hi Steve and Andre,

Thanks for your patience on this! I’ve heard back- we do plan on upgrading our certs to SHA-256 for all of our certs, including bam.nr-data.net! However, there are a lot of variables at play so we are approaching this with the utmost care and caution, so there isn’t ETA as of this time.

-DAvid


Is there any plan on updating bam.nr-data.net SHA Version?
#6

We would also like to see this happening soon, since it affects how our users perceive the security of our site:


#7

Thanks for the input @bjornlilja! I’ve gone ahead and filed a feature request on your behalf to log your interest in this change.


#8

We are experiencing this as well, and would like to know the timeline on when NewRelic plans to update this SSL cert.


#9

Hey @cmarjaniemi,

Could you provide a screenshot of the error message you’re seeing ? I want to make sure they are related to this particular thread or if it’s something else that you might be experiencing. Once I get that, I can take a look at this deeper for you :slight_smile:


#10

On a related note, Chrome will be dis-trusting older GeoTrust certificates soon. Currently getting warnings in Chrome about it

The SSL certificate used to load resources from https://bam.nr-data.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.


#11

Hey @AllCare! We just released an update to this very topic - you can see it here: