Does it reproduce every time, would you mind hard refresh (cntrl + f5).Also please check with SSL Labs Dev Client Test
Yes, also with hard refresh
Yes, also with SSL Labs Dev Client Test
Does it show SSL v3 enabled?. Please provide some details (OS etc) to reproduce the issue.I have tested it with Chrome 52 / Win 7
OS is Windows 10 Enterprise.
Not reproduced on my end with Chrome 52 / Windows 10 Enterprise
Could you please provide here a screenshot of the entire page? (There's a Chrome extension called "Full Page Screen Capture" that does a good job at that.) I'd like to examine the possibility that your access is intercepted at the corporate level. Similarly, please check the SSL Labs certificate. If it's not issued by Entrust, please paste the entire certificate here.
thank you. With your hints I found the culprit: AVG AntiVirus Business Edition Online Shield. With "Online Shield deactivated qualys client test is just fine. Any idea why AVG is overwritting SSL certs?
Please have a look at mixed content: http://plaintext.ssllabs.com/plaintext/xhr.txt?t=
It's because it's a horrible piece of software that should be uninstalled...
They're doing it because they want to inspect your browsing traffic (which otherwise they can't do because of end-to-end encryption).
AVG Support on Twitter: "@atvirtual Enabling the SSLv3 is to make sure that your browser data are safe. [1/2]"
to make sure that your browser data are safe
this is a MITM and there are enough reports that these implementations are mosty unsecure and harm more than they protect.
Retrieving data ...