Configure Google Chrome to display certificates directly

Google moved the option to display certificates in Google Chrome from the site properties menu to the Developer Tools.

All you had to do previously to display the certificate of a site in Chrome was to click on the site icon in the browser and select details to display the certificate in the browser.

After the change rolled out, users have to open the Developer Tools, select Security in the interface, and click on the "view certificate" button in it.

Not very elegant, especially if you need to verify certificates regularly and not just once every other month or so.

It appears that Google has had a change of heart. While the company did not restore the option to display certificate details directly in the page info panel, it did add a new flag to Chrome that adds a similar option to the page info panel.

The new experimental flag has been added to Chrome 60 by Google which was released recently.

Enable show certificate in Chrome

chrome show certificate

The feature is opt-in right now; you have to enable it manually before it becomes available. Here is how that is done.



  1. Open the Chrome browser if you have not done so already.
  2. Load chrome://flags/#show-cert-link in the browser's address bar.
  3. Select the enable link that is associated with the "show certificate link".
  4. Restart the Chrome web browser.

The experimental flag has the following title and description:

Show Certificate Link

Add a link from the Page Info bubble to the certificate viewer for HTTPS sites.

When you open the Page Info panel after the restart, you will notice that Certificate is a new entry when you open sites that use HTTPS.

Read also:  AnonTab: open sites in a secure environment

chrome display certiifcate

Chrome highlights whether the certificate is valid or not. You may click on the link however to open the certificate window that lists detailed information about the site's certificate.

site certificate

Closing Words

I never understand why Google removed the option to display certificate information directly in the Chrome browser. It looked as if the company decided to hide the information from regular users and make it Developer and tech savvy users exclusive, as barely anyone knew where to look to display certificate information after the change.

The new experimental flag adds this option back to the place where users look for it, but it is an opt-in feature. This means it is likely that many users will not know about it.

Still, it is good news that the option is back. Since it is available as an experimental flag, it may be integrated in Chrome natively, or removed from the browser.

Now You: Do you verify certificates regularly?

Summary
Article Name
Configure Google Chrome to display certificates directly
Description
Google Chrome 60 comes with a new experimental flag that restores the link to open certificate details of sites you open in the browser from the address bar.
Author
Publisher
Ghacks Technology News
Logo

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Configure Google Chrome to display certificates directly

  1. Anatoly Nechaev July 27, 2017 at 7:59 pm #

    Works in Vivaldi too, cewl.
    Thank you.

  2. John July 27, 2017 at 8:24 pm #

    This should be the default.

  3. CHEF-KOCH July 27, 2017 at 11:02 pm #

    It's not necessary to be default or change the default option, when an certificate isn't valid you get an huge messege and warning.

  4. CHEF-KOCH July 28, 2017 at 1:31 am #

    Example that enabling and using it is useless:
    https://www.welivesecurity.com/2017/07/27/homograph-attacks-see-to-believe/

  5. Timson July 28, 2017 at 9:27 am #

    And even it is the right domain - if you computer is infected or otherwise tempered with - the root certificate could be replaced and you wouldn't get notified or have any ability to check it (if oyu don't remember all CAs)
    Also interesting detail: currently SSL certificate revocation mechanism is not working in every major browser. So if you receive revoked certificate in a response from server - every browser would mark it and green and trusted. Here is an article about that issue with test domain: https://scotthelme.co.uk/revocation-is-broken/
    So https is mostly illusion of protection, it works up until the moment there is a real attack against you.

  6. Kubrick August 16, 2017 at 1:43 pm #

    I think it should be pointed out that the information within the certificate is meaningless to the untrained eye and the vast majority of chrome users simply will not understand what it all means.

  7. Dan August 16, 2017 at 2:01 pm #

    As others have pointed out already, adding the ability to view the server certificate does not add any security per se, but as an IT admin I appreciate the ability to access the info with two mouse-clicks instead of having to wade through a number of developer submenues. Especially when I had to verify the certs on my own (internal) servers after renewing or changing them, this has been a major annoyance previously. It's a convenience feature, no more, no less.

Leave a Reply