We are aware that our current certificates will no longer be trusted in Chrome as of October 2018. We are actively working to remediate this issue and our customers should not be affected.
`bam.nr-data.net` using Symantec certificate that will be distrusted in Chrome 70
Warning on New Relic Browser Script SSL Certificate
Please note that October 2018 is for Chrome Stable. NewRelic is a developer-focused product and it is very likely that you have large numbers of developers running Chrome Beta which will get this shipped to them in March of 2018.
Chrome console shows warnings.
Why wait until the deadline? This is an annoyance to all and a concern for many.
Stop wasting customer time and stop paying for SSL certs. Just setup EFF’s certbot for Let’s Encrypt to auto-renew and never worry about it again.
Ps. I just realized https://discuss.newrelic.com is already using a SSL cert from Let’s Encrypt, good job, time to get the rest of the team on board.
Hey there @mjackman,
I feel your frustration here, and I am sorry we have caused you annoyance. That is never good to hear.
I can only share what I have observed here on New Relic’s side: our security team is taking the time to try and make this a better customer experience than the time before. We have an opportunity to start fresh and want to get it right. I know that requires patience, and we really appreciate it
Thanks for recognizing that our community is trying to get ahead of the curve! Please feel free to check back here for future updates and let me know if there is anything else I can do.
We are starting to see this warning (as mixed content) in the current version of Chrome (64). This removes the “secure” notification in the users browser, is there a plan to update the certificate or update to the server installation/update to use a new URL?
Loyal New Relic customer here. I wanted to join the chorus asking for this issue to be addressed now!
any update? getting this as well. as a developer/designer, really do not like seeing warning messages in the console on our sites.
Hey, New Relic - this has started showing up on our selenium testing suite, along with being a constant nuisance to our development team.
Whilst the October 2018 deadline might be ok for a normal website, throwing warnings on your own site is entirely different to doing it on thousands of customer sites.
This should surely be fixed immediately? Not something that requires a huge amount of thought, just buy a new certificate…
This is a serious issue which is starting to get NEGATIVE reaction from our government customers , we are about to remove NR from these customers.
What is the ETA for resolution ? (we address our system within 3 days).
@Linds, 7 days since I last joined this thread, and no response from you or anyone at new relic. We’re new customers, so it’s extremely frustrating to see an issue like this so soon after signing up and paying for new relic’s services. Please response with some more, specific information regarding this SSL cert issue. thanks.
I’ve recently remediated the exact same error on the websites that I manage. It’s a simple matter of purchasing a new SSL certificate and replacing the existing one.
If New Relic management is paying attention, the person who’s “actively working to remediate this issue” needs help. If they had an hour, a credit card, and a clue as to what they were doing, this issue would stop harming your brand right away.
Our app requires https and this cert fail means I now have to remove newrelic. Angular 5 is fussy enough without this as well.
Just signed up to add another voice: This needs fixing NOW. I completely agree with @shooker: buying and installing a new SSL cert is not hard or expensive. Just do it please and don’t hide behind the “October 2018” deadline. It needs addressing immediately.
Some infrastructure IT groups will completely block a site if there is one malformed cert… In this case New Relic has the malformed cert, and our site gets blocked. I’m also seeking an estimated time to repair from New Relic on this (as are many others).
Another vote for understanding the fundamentals about your target market!
People buy New Relic because they are uptight about having a high quality website with no errors or bad user experiences. A console warning in the dominant browser is egg on our face to our customers, and a constant annoyance to our developers that we train to watch for and address every potential quality issues on sites.
It’s great to hear that the team is considering overall improvements, but in the meantime just update that cert!
Developers and customers that otherwise love your stuff for helping fulfill their exacting quality standards, are wasting time noticing and tracking down this warning to a New Relic domain and scratching their heads wondering why this wasn’t resolved within a few weeks of being reported by customers back on October 9th 2017!
The number one rule for a monitoring and metrics tool used in production is minimize it’s impact. New Relic’s server-side instrumentation and browser code is impressively efficient and almost unnoticeable, that was a key pre-purchase consideration. But when monitoring code causes warnings, all that good stuff goes out the window. The monitoring is now bringing down the the apparent level of quality of the monitored application.
The whole point of your product line is to help fastidious people run efficient and error free sites. Adding a warning to every single otherwise error free page, and being OK with it for over four months, leaves one to wonder if you even know what kind of people go out looking to buy anything in this product category, and why you would keep pressing their frazzled OCD nerves for so long.
New Relic… please buy a valid SSL certificate NOW. I’m sure we can all give you $1 if you’re missing this huge $200 cash to buy it at any reseller.
We’ve created a new discussion topic for future updates: