CheckMyHTTPS ensures that your HTTPS connections are not hijacked and therefore not listened to.
The extension « CheckMyHTTPS » checks if your HTTPS connections are correctly secured ort not.
How does it work ?
During the browser start up, a first test will be made on our website (checkmyhttps).
A green lock means a secured connection.
A red lock means that your connection might be listened to...
If you have any doubt, you are free to check your connection on other HTTPS website by clicking on the lock. Don't forget to make this test on HTTPS websites ! :)
More detail !
Normally, a secured website has to prove its identity to your browser by sending a certificate validated by a recognized certificate authority. Interception techniques, to be able to work, generate dynamically forged certificates.
CheckMyHTTPS checks that the received certificate from a visited HTTPS website matches the certificate seen by a remote server, ensuring no interception is taking place within your local network. This is sufficient to prove the interception.
What about my privacy?
The extension only needs these two parameters.
- URL of the HTTPS website
- SHA1/SHA256 fingerprint of the server certificate sent to your browser.
In order to check the connection, these two parameters are sent to our remote server which does not store anything.
You can set up your own remote check server if you so desire.
All complementary information is detailed on the website https://checkmyhttps.net