Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Recent Google Chrome Beta browser showing warning regarding nr-data.com PKI certs


#1

The following is shown in the current Chrome 63 browser console when visiting sites that I use newrelic for PHP.

“The SSL certificate used to load resources from h t t p s://bam.nr-data.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See h t t p s://g.co/chrome/symantecpkicerts for more information.”


#2

Hey @skotfred!

Thanks for the heads up about this warning message. Our engineering teams are aware of this and are actively taking steps to ensure that this won’t impact our customers.

In the meantime if you see anything come up that looks like we aren’t able to report data for this reason, let me know and I’ll be happy to take a deeper look into this issue!


#3

This is still not fixed!? I believe all you need to do is update your SSL certs but 5 months after being reported, Google is still reporting that your cert will be distrusted in a later build. Which means your code won’t work on any https sites.


#4

Hey @paul.solecki, thanks for the feedback and totally understand where you are coming from. Right now we are still working on this, and I have heard that it’s happening sooner than later, but don’t have a timeframe I can provide.

On a side note, Google’s timeline on their blog post shows the following:

~September 13, 2018
Chrome 70 released to Beta, which will remove trust in the old Symantec-rooted Infrastructure. This will not affect any certificate chaining to the new Managed Partner Infrastructure, which Symantec has said will be operational by December 1, 2017.
Only TLS server certificates issued by Symantec’s old infrastructure will be affected by this distrust regardless of issuance date.

~October 23, 2018
Chrome 70 released to Stable.

Since we’ll be updating these well ahead of these deadlines, you shouldn’t see any of our code stop working on https sites(and we’ve already updated for Chrome 66 launching in March and April).

If you see that data stops reporting for any of your sites between now and when our certificates are updated, definitely let me know and I can investigate it for you!


#5

Quick update to this conversation: Ty Herbert just posted a message about this topic here: Updates to the SSL certificates for nr-data.net and service.newrelic.com