Self-signed Cert Not Working Due to Chrome latest update


  • | 1171 points

    This issue happens because the reason below

    The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.

    Any idea to fixed it ?
    I try to revise openssl.config but it seen doen't work


  • administrators
    | 89404 points

    @LostNCG:
    You can check @Kurre's answer here:
    https://forum.laragon.org/topic/106/laragon-and-let-s-encrypt/3


    But your browser is nagging about untrusted certificate :disappointed:
    You need to add it as trusted certificate...In Chrome go to chrome://settings :arrow_right: Advanced settings :arrow_right: HTTPS/SSL :arrow_right: Manage certificates
    Now we need to import newly created certificate to Chrome's certificate store
    Select import and select app.dev.crt file which you created earlier
    Important: Now you need to select the certificate store where you want to store this certificate.
    Select Place all certificates in the following store and to Certificate Store: select Trusted Root Certification Authorities
    Click Finish/OK and restart your browser. Now you can browse to https://app.dev without browser nagging about the certificate :)

    Hopefully you can get certificates working with this method..I wrote this text in a little rush, so please ask if you have some problems


  • | 1171 points

    @leokhoa sorry, I think you are misunderstanding...
    This issue happens due to latest chrome update, please check the link below

    http://www.techrepublic.com/article/how-to-resolve-ssl-certificate-warnings-produced-by-the-latest-chrome-update/


    I know how to whitelist the self-signed cert in the browser, as evidence, please view screenshot below,

    Please note that the cert is auto generated by laragon

    This is the error chrome show to me, missing SAN
    0_1496139739915_sp170530_181641.png

    Imported to chrome
    0_1496139806768_sp170530_181614.png

    The content of cert
    0_1496139842232_sp170530_182103.png

    The solution I found :

    1. open config file in laragon\bin\apache\httpd-2.4.25-win64-VC14\conf\openssl.cnf

    2. follow solution in StackOverflow

    change *.example.com in alt_names to your own domain, eg mine is emp.it

    1. cd to laragon\etc\ssl, and run command below

    openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -keyout {custom.name}.key -out {custom.name}.crt


    This is the cert generated
    0_1496140608887_sp170530_180559.png

    change ssl cert path in auto.{domain.name}.conf, and import into chrome

    re-open browser and reload laragon

    Finally
    0_1496140911958_sp170530_184102.png


  • administrators
    | 89404 points

    @LostNCG : Nice solution!


  • | 495 points

    @LostNCG I have followed your guide but not working.
    Please help me!
    I attached openssl.cnf.
    0_1532796393894_openssl.cnf
    0_1532796553426_upload-8e0dce81-98e7-4641-904a-8a20b3eb5b76


  • | 1171 points

    @Monster-Dragon

    Your entire post just told me you have a problem, but nothing anymore, how can I help you?
    You should understand the correct way to ask a question before you post.

    1. Correct and complete enough logs
    2. Describe abnormally status/behavior in process (if any)
    3. Screenshot errors returned
    4. Understand what is the correct materials that would help in solving problem

    BTW, issue on automated SSL cert feature have been solved by @leokhoa , you can try

    1. Update laragon to latest version 3.3
    2. Clean your browser cache and restart the browser
    3. Restart laragon's apache server

  • | 495 points

    Hi @LostNCG ,
    Thanks for your reply!
    My problem is can't add "Subject Alternative name" into the newtonx.crt file.
    Although I did follow your step by step instructions at StackOverflow.
    Thanks for the support!


Log in to reply
 

Looks like your connection to Laragon was lost, please wait while we try to reconnect.