Google Chrome Tutorial

Google Chrome Logo
Home Tutorial  

Google Chrome SSL Settings

SSL stands for Secure Sockets Layer. This is an Internet protocol used by many websites to ensure safe data encryption and transmission for things such as log in passwords and bank account information in checkouts. The Google Chrome web browser has many options to secure your data using SSL settings. The default settings of Google Chrome for SSL security are set to the middle, not too strict and not too open so if you do not have a specific reason to change the settings, it is easier to leave them as they are. To set up or change SSL settings, follow these steps:

To set up your SSL settings, follow these steps.

Step 1:
Click "Customize and Control Google Chrome" menu.

Customize and Control Google Chrome menu.

Step 2:
Click "Options" button.

Google Chrome Option button.

Step 3:
Under "Google Chrome Options" window select 'Under the Hood" tab.

Google Chrome Under the Hood tab

Step 4:
"Under the Hood" tab go to "Security" section.

Google Chrome security section.

Select Trusted SSL Certificates

Step 5:
Click "Manage certificates" button.

Google Chrome manage certificate button.

Step 6:
In the "Certificates" window you can Import, Export and Remove your SSL certificates.

Google Chrome SSL certificates window.


Set Computer-Wide SSL Settings

Step 7:
To setup computer-wide SSL settings follow this step.

  • 'Use SSL 2.0': This is an older version of the SSL protocol that is less secure. However, some websites may require visitors to use this version when browsing. If so, select this option only if you trust the website.
  • 'Check for server certification revocation': Turn on real-time verification for the validity of a website's certificate, for extra security. A certificate can be revoked by its third-party issuer if it detects that the certificate has been compromised or stolen.

 

Control Display of Mixed Content on Secure Webpages

Sometimes, an SSL-secured website (denoted by 'https' in its web address) loads parts of its content from insecure resources. Content from insecure sources can be viewed by others as a webpage is loading and information is transmitting. Malicious parties could potentially modify these insecure resources and change the look and behavior of the webpage without your knowledge or consent.

By default, all content is displayed, but an alert icon Alert icon appears at the end of the address bar when you encounter a webpage with mixed content.

Step 8:
Under "When there is mixed content on secure (SSL) pages" section you can do these changes.

  • 'Block all insecure content': With this option, broken image icons appear in the place of insecure images. Frames and iframes are replaced by a red box. You can override this setting for a particular webpage during your current browsing session by clicking on the Show all content link on the message that appears at the top of the page.
  • 'Allow insecure images': Insecure images load, but are marked so that you can identify them.
  • 'Allow all content to load': All web elements load regardless of their security state.
Step 9:
Once you have made all the changes you like, click the "Close" button.