Sage 100

Customer trying to install SageExchange on new workstation getting insecure connection message from Chrome. Is Sage really behind the curve on https tech or is this an overly paranoid browser?

This is something that chrome has been working on phasing out. SHA1 has been found to be inherently insecure, so even though the encryption is happening, it is using a vulnerable hash. Sage should be reissuing their certificate with a SHA2 hashing. Chrome is currently the only browser warning about it, but the rest of the browsers will be following this year. Here a post on the google security blog about this : https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html?m=1

So change the default browser to something other than Chrome on the workstations and then install @GeorgeKhairallah ?

I've always installed the SageExchange directly from the Sage Setup folder > BareSetup > Sage Exchange, and that never really opens a browser. With that said, if a browser is required to be open, as of today, Firefox, and Internet Explorer are still not as sensitive about SHA1 certificate. Soon, however, this will become a Sage problem that they will have to resolve by reissuing their cert with a SHA2 Hash.

According to SPS support, the URL used in Sage 100 2015 (and presumably earlier) is no longer the current one, and Sage hasn't updated the security on that server. He recommended going to sageexchange.com/install, and install version 1 (for 2015) from there, and that worked.