发表新帖
发表新帖

Google Chrome localhost | NET::ERR_CERT_AUTHORITY_INVALID

前端 未结
关注
6 1927
臣服心动
臣服心动 2020-12-23 21:49

All of a sudden I seem to have an issue with Google Chrome using localhost.

I\'m trying to access any of my development sites (using Ampps) and I get the following e

相关标签:
6条回答
  • 遇见更好的自我
    2020-12-23 21:55

    This is really annoying to deal with, but mapping the local website to something other than .dev (I personally use .devo) does work and fixes the problem in chrome. Also, you can add an exception for the page in Mozilla Firefox and not deal with this at all. It's only a problem on Chrome 63+

    0 讨论(0)
  • 天命终不由人
    2020-12-23 21:56

    Best solution is to not use .dev because it owned by Google. Here you can find an updated list of all claimed TLDs : https://tools.ietf.org/html/rfc6761

    To be safe, choose an unclaimed TLD like .test or .localhost. You can read a useful blog post here : https://iyware.com/dont-use-dev-for-development/

    0 讨论(0)
  • 情深已故
    2020-12-23 21:58

    After playing around, I came up with one kind of a solution.

    First, lets talk about the problem: the cause of this error is that both of us used a .dev domain for our local development. If you go here you will find out that root .dev domain is owned by Google and applying HSTS in Chrome they enforce https-redirect for this domain. Since we use .dev domains, we get redirected to https version and at the same time we don't have any actual certificates installed. So, we see this annoying error. If you go to chrome://net-internals/#hsts you can check your .dev domain and you will actually find out that

    static_sts_domain: dev
static_upgrade_mode: FORCE_HTTPS
static_sts_include_subdomains: true

    which confirms that HSTS is enforced on *.dev indeed. The policy type is static and, as I understand, it's kind of hard-coded to https-redirect .dev domains.

    So, there are at least 2 ways - get and set up an actual certificate somehow or just use another (not .dev) root domain in httpd-vhosts.conf for your local development (also don't forget to update /etc/hosts and launch apache again). I went another root domain route and it solved this issue.

    0 讨论(0)
  • 无人及你
    2020-12-23 22:02

    I got same bug, because the CRL file is out of date, and the solution is that update the crl file

    0 讨论(0)
  • 一个人的身影
    2020-12-23 22:07

    you need to add remote site certificate to your local key store

    1. To download certificate from remote site, you will require keytool, open gitbash as admin and run below command to generate the certificate

      openssl s_client -showcerts -connect host:port

    2. save the value of above command to from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- to the .crt file.

    3. to add certificate to your local key store, run below command

      keytool -import -noprompt -trustcacerts -alias name_of_certificate -file "path_of_dot_crt_file" -keystore "C:\Program Files\Java\jdk1.8.0_192\jre\lib\security\cacerts" -storepass changeit

    you can also add downloaded certificate to your browser.

    0 讨论(0)
  • 悲哀的现实
    2020-12-23 22:17

    Navigate to

    chrome://flags/#allow-insecure-localhost

    and set this to enabled.

    0 讨论(0)
 看不清?
提交回复
热议问题