Updating Browser Settings for Heartbleed Vulnerability
You have probably started to recieve messages from (responsible) sites/services you use informing you that they have already responded to the Heartbleed security issue. At some point in addressing that issue, those sites/services will replace their SSL certificates. Once they do, you can help expedite this for your personal browsing by updating the follow settings.
This setting is not set by default in Chrome, probably because it can impact speed/performance, and you may wish to turn it back to default once the wave of certificate updates is complete (could be a while in the case of some groups that are slower to respond). It is generally on in Firefox and Internet Explorer with some caveats (see below) and it never hurts to confirm.
Chrome
- Click on the “Hamburger” (three lines) in the upper right.
- Go to Settings
- Click on Show Advanced Settings
- Scroll down to HTTPS/SSL
- Check the box labeled “Check for server certificate revocation”
- Close this window and restart browser (optional).
Internet Explorer
- Click on the Gear icon in the upper right.
- Select Internet Options
- Click on Advanced tab
- Scroll down and make sure “Check for server certificate revocation” is checked.
- If this option was NOT checked, you will have to click Ok to confirm changes, close the browser and restart your computer.
Firefox
By default, Firefox will check for certificate revocation. However, there is no server response, it will continue to accept the existing one for the time being.
- Go to Tools
- Select Options
- Select Advanced tab
- Select Certificates sub-tab
- Click Validation button
- Use the OCSP to confirm” should be checked by default
- [Optional] For short term, you may choose to uncheck “”When OSCP Fail, treat as invalid”
- If you change this setting, click OK to confirm/save at each step.
- [Optional] Restart browser
All advice comes with no warantee or guarantees expressed or implied. Use at your own risk.