I wanted to change DNS server on macOS 10.14.6 by going to System Preferences -> Network -> Advanced..., and adding 8.8.8.8 in the DNS tab. Since then, Chrome gives me a
DNS_PROBE_FINISHED_BAD_SECURE_CONFIG error.
First I returned to the previous DNS settings (putting 192.168.1.1 in place of 8.8.8.8). Since then I tried switching my router off/on. I cleared the Chrome DNS cache as explained in this answer. I cleared browsing data (history, cache, cookies) on Chrome. I stopped and restarted the mDNSResponder service.
From the terminal, both ping and curl work fine. Other browsers (Safari) work fine. Why do I see this error, and how do I solve it?
If you have checked all DNS settings but still got this error, you could take a look at the Chrome Secure DNS to see if this setting had switched on.
To turn Chrome Secure DNS on or off:
Open Chrome.
At the top right, tap More and then Settings.
Under “Privacy and security,” tap Security.
Turn Use Secure DNS on or off.
Related
On Linux Debian 10 (Buster), I am using the http(s) client google-chrome-stable.
I was configuring (nginx) and testing (chrome) a reverse proxy and it got cached using a wrong domain.
I fixed the configuration but it still resolve to the wrong domain.
I have tried to go chrome://net-internals/#dns and click on Clear host cache but that didn't change anything.
I have tried to go chrome://net-internals/#sockets and click on Flush socket pools but that didn't change anything.
I am not working with FireFox, so FireFox can resolve correctly (so does curl).
After about 10 minutes, without restarting chrome. I did F5 (refresh) and it was loading the proper page. I haven't found a manual way to immediatly clear chrome cache.
I am doing devops and I haven't solved this issue for years.
Would love to know how to do one day :O
What happens if you open developer console F12 and then hold down on the refresh button and then select empty cache and hard reload?
Take a look at this gif for an example.
I'm wondering if there is a terminal command that allows me to view my google chrome DNS cache on Mac.
Thanks
I have the same exact problem. Chrome is resolving a URL to the wrong IP, all other browsers resolve to the correct one. Upon inspecting the net-internals menu it just gives me the option to clear cache. There doesn't appear to be any direct way to see it.
What I did instead is I allowed the website to resolve to the wrong IP, then accessed the developer menu (F12 on Windows), clicked on Network, chose one of the loaded images and clicked the 'Headers' tab. under General -> Remote Address it showed me which cloudflare proxy IP the something.com address was resolved.
I have used a method for years that has worked for me and limited any mysterious domain-based issues with cookies and such.
In my /etc/hosts file, I do the following for the local development version of www.mysite.com:
127.0.0.1 localhost local.mysite.com
When I visit http://local.mysite.com:3000, this has done exactly what you'd expect for years and years, and still works in Safari and Firefox. However, Chrome started stubbornly giving me an ERR_CONNECTION_REFUSED message a few months ago, and I can't make it work. If I visit http://localhost:3000, it works fine, but I avoid developing against localhost for various reaions. I have tried every possible thing I can find on the internet (clearing caches etc), and nothing has made the error go away.
Anyone have any idea what can be done here?
In the browser, please clear host cache and then try it out. To clear host cache, follow the steps below
Open up Chrome browser and enter " chrome://net-internals/#dns " in the address bar without quotes
Click on the button Clear host cache
Restart your browser and try again
You need to disable the dns prefetching and network condition predicting services on chrome.
As chrome is trying to look for local.mysite.com in actual dns servers and not finding the local ip address.
You can see the below steps -
Go to chrome://settings
Click on "Show advanced settings..."
Unmark the Predict network actions to improve page load performance
box.
Check if the DNS prefetching is really disabled by going to
chrome://dns.
You should see there something like DNS pre-resolution and TCP
pre-connection is disabled.
I want to use fiddler to monitor api calls made by my browser when it visits some pages.
The technology - Fiddler 4.6x, Chrome 56, Firefox 51, Windows 7 64 bit.
The problem - Fiddler does not work with chrome. When I open any page on chrome, I get the error "Your connection is not private: Attackers might be trying to steal your information from website (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID". FYI, I easily fixed a similar issue with firefox.
Solutions I tried that failed -
Four hours of google and stack overflow did not give me any solutions.
Convert the fiddler cert to pk 7 ??? format.
Import fiddler cert into chrome. Also, grant the cert all kinds of advanced permissions.
Install the fiddler cert with admin rights on windows, by "running" it.
Run chrome and ignore cert errors.
Regenerating the fiddler cert and restarting fiddler and browsers as given in the official fiddler book.
In 2,3 the cert never appeared in trusted cert store, but appeared in personal and immediate cert store. In 1, nothing even happened. Please tell me how I can make this work. Any links to the basics of all this would help.
I was facing similar issue with Fiddler v4.6 and followed these steps:
Fiddler 4.6.1.5+
Click Tools > Fiddler Options.
Click the HTTPS tab.
Ensure that the text says Certificates generated by CertEnroll engine.
Click Actions > Reset Certificates. This may take a minute.
Accept all prompts
Fiddler 4.6.1.4 and earlier
Click Tools > Fiddler Options.
Click the HTTPS tab
Uncheck the Decrypt HTTPS traffic checkbox
Click the Remove Interception Certificates button. This may take a minute.
Accept all of the prompts that appear (e.g. Do you want to delete these certificates, etc)
(Optional) Click the Fiddler.DefaultCertificateProvider link and verify that the dropdown is set to CertEnroll
Exit and restart Fiddler
Click Tools > Fiddler Options.
Click the HTTPS tab
Re-check the Decrypt HTTPS traffic checkbox
Accept all of the prompts that appear (e.g. Do you want to trust this root certificate)
Reference:
https://textslashplain.com/2015/10/30/reset-fiddlers-https-certificates/
I used these two stack overflow posts -
https://superuser.com/questions/145394/windows-7-will-not-install-a-root-certificate
https://superuser.com/questions/647036/view-install-certificates-for-local-machine-store-on-windows-7
I don't know what is happening. One of these posts worked and I got the fiddler cert into the trusted store. But, fiddler still cannot decrypt many websites https traffic, especially that of google.
After I reinstalled fiddler and did what Abir suggested Fiddler still didn't capture any traffic.
In my case it stopped working because I installed a chrome extension named Tunnel Bear, uninstalling the extension solved it for me.
Firefox has its own certificate store so I assume you just installed the DO_NOT_TRUST... Fiddler root cert there and everything worked. Pretty much you should do the same with Windows certificate store in order for Chrome to work. So make sure you remove all the fiddler certificates you previously generated and regenerate.
if fiddler do not capture chrome traffic, one solution is checking extensions. in my case i use zenmate vpn. when i disable this extension, fiddler capture all traffic in chrome
I am developing a website locally using wamp. The site uses ssl and works completely fine in firefox. In Google Chrome, I get an error:
https://example.local/ gives me this error
This webpage is not available
The connection to example.local was interrupted.
Here are some suggestions:
Reload this webpage later.
Check your Internet connection. Restart any router, modem, or other network devices you may be using.
Add Google Chrome as a permitted program in your firewall's or antivirus software's settings. If it is already a permitted program, try deleting it from the list of permitted programs and adding it again.
If you use a proxy server, check your proxy settings or contact your network administrator to make sure the proxy server is working. If you don't believe you should be using a proxy server, adjust your proxy settings: Go to the wrench menu > Options > Under the Hood > Change proxy settings... > LAN Settings and deselect the "Use a proxy server for your LAN" checkbox.
Error 101 (net::ERR_CONNECTION_RESET): The connection was reset.
http://example.local/ works fine in chrome.
I should note that in IE I get Internet Explorer cannot display the webpage error, but again, it works fine in firefox...
Any help?