Self-signed Cert Not Working Due to Chrome latest update
-
This issue happens because the reason below
The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.
Any idea to fixed it ?
I try to revise openssl.config but it seen doen't work
-
@LostNCG:
You can check @Kurre's answer here:
https://forum.laragon.org/topic/106/laragon-and-let-s-encrypt/3
But your browser is nagging about untrusted certificate
You need to add it as trusted certificate...In Chrome go to chrome://settingsAdvanced settings
HTTPS/SSL
Manage certificates
Now we need to import newly created certificate to Chrome's certificate store
Select import and select app.dev.crt file which you created earlier
Important: Now you need to select the certificate store where you want to store this certificate.
Select Place all certificates in the following store and to Certificate Store: select Trusted Root Certification Authorities
Click Finish/OK and restart your browser. Now you can browse to https://app.dev without browser nagging about the certificateHopefully you can get certificates working with this method..I wrote this text in a little rush, so please ask if you have some problems
-
@leokhoa sorry, I think you are misunderstanding...
This issue happens due to latest chrome update, please check the link below
I know how to whitelist the self-signed cert in the browser, as evidence, please view screenshot below,
Please note that the cert is auto generated by laragon
This is the error chrome show to me, missing SAN
Imported to chrome
The content of cert
The solution I found :
-
open config file in laragon\bin\apache\httpd-2.4.25-win64-VC14\conf\openssl.cnf
change *.example.com in alt_names to your own domain, eg mine is emp.it
- cd to laragon\etc\ssl, and run command below
openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -keyout {custom.name}.key -out {custom.name}.crt
This is the cert generated
change ssl cert path in auto.{domain.name}.conf, and import into chrome
re-open browser and reload laragon
Finally
-
-
@LostNCG : Nice solution!
-
@LostNCG I have followed your guide but not working.
Please help me!
I attached openssl.cnf.
0_1532796393894_openssl.cnf
-
Your entire post just told me you have a problem, but nothing anymore, how can I help you?
You should understand the correct way to ask a question before you post.- Correct and complete enough logs
- Describe abnormally status/behavior in process (if any)
- Screenshot errors returned
- Understand what is the correct materials that would help in solving problem
BTW, issue on automated SSL cert feature have been solved by @leokhoa , you can try
- Update laragon to latest version 3.3
- Clean your browser cache and restart the browser
- Restart laragon's apache server
-
Hi @LostNCG ,
Thanks for your reply!
My problem is can't add "Subject Alternative name" into the newtonx.crt file.
Although I did follow your step by step instructions at StackOverflow.
Thanks for the support!