I have created my own Root CA and signed SSL certificate with it then imported Root CA into Windows trusted Root CA list and imported SSL certificate into my web application server. When trying to access according web page I get ERR_CERT_AUTHORITY_INVALID:
Chrome shows in the address bar:
Chrome shows when inspecting certificate:
Chrome shows when I inspect Root CA
Chrome shows when inspecting Trusted Certificate Authorities
Information about SSL certificate:
Information about Root CA:
Do not know why but Chrome would not pick even when Root CA would get installed through Chrome's interface. Only restart of Chrome helped me
chrome://restart
Related
visual studio self signed certificate was not trusted, it was still able to proceed by accept the risk in chrome and edge browser whereas Firefox browser was not allow to browse the insecure localhost website at all.
It was happened suddenly when I running my localhost web site project this morning. It was still running well on yesterday.
I have tried to solve the problem as below:
delete and re-create the self signed certificate using dotnet self signed certificate command
clear cache and restart browser'
repairing visual studio installer
I have a ClearOs Linux server which, amongst other things, runs a CUPS print server. Installing CUPS makes an admin interface available via https protocol.
Every time I connect to this admin server, Chrome (and IE) warns me the certificate is invalid, and I have to click twice more to go through to the site.
I would like to tell Chrome to trust this certificate. I have Googled how to do this, and tried 3 or 4 different recipes - none of them seem to have worked (the certificate is still not trusted). I have tried the following:
Connect to the site via IE running as Administrator, click on the invalid certificate flash next to the url, view certificate, install certificate, choose Trusted Root Certificate store, and install it. I also tried the Personal store and the Trusted publishers store.
Connect to the site via Chrome, click on the certificate and export it, do Settings/Advanced/Manage certificates, and import it into the store (again, I tried Trusted Root and Personal stores).
I also tried some other instructions which said to start by running "MMC" from the Windows Start button - but typing MMC only offers me Hyper-V manager and Sql Server 2017 Configuration Manager - not the management console expected.
I have read Getting Chrome to accept self-signed localhost certificate here, and tried everything there that applies to Windows 10, but nothing works.
Enter “chrome://flags/#allow-insecure-localhost” in your chrome browser and “Allow invalid certificates for resources loaded from localhost.” to bypass the security warning about your self signed certificate.
I would like to have Charles decrypt HTTPS traffic when browsing in Chrome on MacOS.
But when I visit a website (for example, https://www.facebook.com), there are errors about net::ERR_SPDY_COMPRESSION_ERROR on multiple resources.
How can I fix this?
Steps I've followed so far:
Open Keychain Access, search for charles and delete every item mentioning charles
Open Charles Proxy, chose Help > SSL Proxying > Save Charles Root Certificate... and save charles-ssl-proxying-certificate.pem
Open Keychain Access again, click File > Import Items..., choose charles-ssl-proxying-certificate.pem, click Open.
Double click on the new certificate, click Trust, then for When using this certificate: select Always Trust
Close the window, and enter my password in the Certificate Trust Settings popup, and click Update Settings
Close Keychain access.
In Charles Proxy, select Proxy > Proxy Settings.... Check Enable SSL Proxying and enter *:* in the Location. Click Ok.
Restart Charles and Chrome.
Enable MacOS Proxy in Charles.
Visit https://www.facebook.com in Chrome incognito window.
I see multiple net::ERR_SPDY_COMPRESSION_ERROR errors in the Chrome Inspector Console.
I also tried the same steps, except using Install Charles Root Certificate from the Charles Proxy Help menu, but it results in the same problem.
Charles 4.0.2
Network: WPA2 WiFi
VPN: no
OS: MacOS 10.12.5
Chrome: 58.0.3029.110
Upgrading Charles to version 4.2.7 solved the problem for me (version 4.0.2 had the problem). I think the fix is included in 4.2.5 improvements: SSL Proxying support extended to Port Forwarding and non-HTTP SOCKS traffic.
I'm developing a Chrome App, which connects to the server over SSL. Of course, the certificate is self-signed.
In the Chrome browser, it's not a problem because Chrome opens a security warning page. If user chooses to continue to the website, it goes on to the remote page. However, in the Chrome Apps, it doesn't give such a warning page asking user whether to go on or not. Instead, a connection error is thrown out in the console.
To workaround this problem, the user has to connect to the page in the browser once and accepts the certificate, and then he/she could proceed in the Chrome Apps.
I'm wondering how to deal with this issue in the Chrome Apps directly?
If server uses self signed certificate then there's nothing you can do.
There are two other ways though, which requires server side certificate changes
and depending on those changes user may or may not have to do some settings in browser
Update the server with a Trusted CA issued certificate.
This does not require user to do any setting.
Examples for trusted CAs are GoDaddy, VeriSign etc,.
You can check the list of Trusted CAs in chrome://settings -> HTTPS/SSL -> Manage certificates -> Trusted Root Certificate Authorities
Update the server with a any other CA issued certificate.
Then provide a way for user to download the certificate and then user has to install/import it in his/her system/PC
Once certificates is installed or imported, you can check chrome://settings -> HTTPS/SSL -> Manage certificates -> Trusted Root Certificate Authorities to confirm that its installed into "Trusted Root certificates" folder. Only if certificate is imported into this folder there will be no errors in console for SSL connections.
Of course if you do not want do all this then there is a workaround as you mentioned to tell user to connect to the page in the browser once and accepts the certificate, and then he/she could proceed in the Chrome Apps
http://www.startssl.com/?app=1 provides free SSL certificates. Try having your customers get one of those instead of training your users to accept insecure connections. Or put the insecure connection over http:, which declares the intention to be insecure.
I have created my own CA and signed a certificate for use on an internal HTTPS website. I have imported the CA Certificate into both the Trusted Root Certificate Authorities and the Intermediate Certificate Authorities on the IIS machine and the site certificate is bound to the site on port 4433.
This works fine on IE9 and Firefox (i.e. the site is trusted) but I still get an HTTPS with a red score through it in Chrome (version 23.0.1271.91) saying that the site is not trusted.
Everything I have come across thus far says add the CA to Trusted.... But this seems to be of no avail in Chrome.
Any Ideas?
I believe this is a server/IIS issue.
Try to restart the server and check your SSL expiration date....
Check this page it might help you