I think Chrome only shows the red sign in the address bar, not the usual warning page.
This step was announced some time ago, and since certificates usually need to be replaced frequently, there should be very few problematic certificates, if the CAs did their job.
That being said. How can I check our cert? The current cert predates my employment with the county and this is something I have never had to deal with.
If you view your website in chrome, you can click on the lock icon in the address bar. Go to the connection tab -> Click certificate information -> Details Tab.
You should see one of the entries should be signature algorithm. SHA-1 is a problem. SHA-224 or higher means the cert is on SHA-2 which is okay.
It looks pretty bad and alarming. I'm on canary, so I've seen the warning on my own site. With only a weeks warning I have to get this solved before normal customers start seeing it. A big nasty red strike through our reputation.
> there should be very few problematic certificates, if the CAs did their job.
The cert was bought through Network Solutions in the past year. They are not exactly amateurs.
I've already had to spend 45 minutes researching and trying to solve this and I still have to waste more time resolving this.
Yes, that's correct. Due to a subtle bug (https://crbug.com/472978), my beta-channel Chromebook thinks my personal website has a SHA-1 intermediate, so I've seen this happen. There's no certificate warning / interstitial, just the red slash through the "https".
This step was announced some time ago, and since certificates usually need to be replaced frequently, there should be very few problematic certificates, if the CAs did their job.