DescriptionHSTS preload list removals for Chrome 57.
mencap.org.uk:
> We have a lot of internal sites/subsites and as a charity all sites are not
> using ssl. We will do when when we purchase a wildcard ssl.
hzsh.xyz:
> HSTS verification needs to be disabled for Let's encrypt authentication
> errors. I tested cPanel Let's encrypt authentication, SNI does not support
> https authentication.
ssersay.com:
> • sport.ssersay.com – We suppose to bind this subdomain to a TV live platform
> which does not support https.
> • jekyii.ssersay.com – We plan to use the Coding Pages service which does not
> allow https
tokyopopline.com:
> We can not operate the site with HTTPS.
> • reason
> Since the portal site of the delivery destination does not correspond.
cgat.no:
> • cgat.no - root domain being transitioned to a 301 primary redirect to
> another site (https://christiangaetano.com) that will be on the HSTS preload
> list.
usap.gov:
> All usap.gov subdomains - Preload forces our internal (non-public facing)
> subdomains to https, which was an unforeseen consequence of HSTS preloading
> and which we are unable to support at this time.
cip.md:
> can't upgrade to HTTPS due to device limitation
> (http://asus.meriacre.cip.md:8081)
johndong.net, gooby.co:
> Basically all of gooby.co and johndong.net need to be removed from HSTS
> preload because I royally screwed up with my configuration and now I can't use
> HTTP on a subdomain of mine.
kinogb.net:
> We happened to turn on HSTS
> Part pages may not work on https, only on http
open-coding.org:
> I'd like to sell the domain
koophetlokaal.nl:
> Unfortunately due to a lack of understanding the HSTS logic fully I've used
> default settings for a certain software stack to setup my SSL certificates.
>
> This resulted in the preloading feature to be enabled by default and since
> I've moved to LetsEncrypt I'm running into issues.
jf-projects.de:
> • storage.jf-projects.de - It's an old box, that does not has the ability to
> provide HTTPS
> • router.jf-projects.de - It's an router.
kkaufmann.de:
> I cant connect to my Router at Home and other Sites.
mindwerks.net:
The site operator enabled HPKP, then accidentally switched to a certificate that
did not match the previously pinned set. As a precaution, they'd like to remove
the HSTS entry from the preload list (even though the issue mostly orthogonal).
glopoi.com:
- [various country-code subdomains] - we couldn't afford any more
mytripcar.com:
> • marketing.mytripcar.com - we use a third-party service and uploading custom
> SSL certificates has an extra cost
BUG=527947
TBR=palmer@chromium.org
Review-Url: https://codereview.chromium.org/2550763002 .
Cr-Commit-Position: refs/heads/master@{#444621}
Committed: https://chromium.googlesource.com/chromium/src/+/c083c885f19967daef65cce687ab0b0d695adf69
Patch Set 1 #Patch Set 2 : HSTS preload list removals for Chrome 57. #Patch Set 3 : HSTS preload list removals for Chrome 57. #Patch Set 4 : HSTS preload list removals for Chrome 57. #Messages
Total messages: 3 (2 generated)
|