SSL本地主机隐私错误 [英] SSL Localhost Privacy error

问题描述

当我尝试在Chrome中使用fb 登录时

>我收到以下消息：

URL：

  https： //localhost/ServerSide/fb-callback.php?code=.....#_=_ 
  

错误：

您的连接不是私有。

攻击者可能试图从localhost窃取您的信息（例如密码，信息或信用卡）。 NET :: ERR_CERT_INVALID。
localhost通常使用加密来保护您的信息。当Chrome此次尝试连接到本地主机时，该网站发回了不正常和不正确的凭据。当攻击者试图伪装成本地主机，或者Wi-Fi登录屏幕中断连接时，可能会发生这种情况。您的信息仍然安全，因为Chrome在任何数据交换之前都会停止连接。

您现在无法访问本地主机，因为该网站发送了Chrome无法处理的乱码凭据。网络错误和攻击通常是暂时的，所以这个页面可能会工作。

我的SSL配置：

  Listen 443 
 SSLCipherSuite HIGH：MEDIUM：！aNULL：！MD5 
 SSLPassPhraseDialog内置
 SSLSessionCacheshmcb：c：/ wamp / www / ssl / logs / ssl_scache（512000）
 SSLSessionCacheTimeout 300 
< VirtualHost *：443> 
 DocumentRootc：/ wamp / www
 ServerName localhost：443 
 ServerAdmin admin@example.com 
 ErrorLogc：/wamp/logs/error.log
 TransferLogc：/wamp/logs/access.log
 SSLEngine on 
 SSLCertificateFilec：/wamp/www/ssl/ia.crt
 SSLCertificateKeyFilec：/ wamp /www/ssl/ia.key
< FilesMatch\。（cgi | shtml | phtml | php）$> 
 SSLOptions + StdEnvVars 
< / FilesMatch> 
<目录c：/ Apache24 / cgi-bin> 
 SSLOptions + StdEnvVars 
< / Directory> 
 BrowserMatchMSIE [2-5]nokeepalive ssl -unisan-shutdown \ 
 downgrade-1.0 force-response-1.0 
 CustomLogc：/wamp/logs/ssl_request.log \ 
％t％h％{SSL_PROTOCOL} x％{SSL_CIPHER} x \％r \％b
< / VirtualHost> 
  

我的问题是如何在本地主机上设置有效的SSL证书？或者是否需要编辑我的配置？

解决方案

在Chrome中，您可以使用url chrome：/ / flags /＃allow-insecure-localhost 允许不安全的本地主机。有关更多信息，请参阅

I setup ssl on localhost (wamp), I made the ssl crt with GnuWIn32.

When I try to login with fb in Chrome I get the following message:

URL:

https://localhost/ServerSide/fb-callback.php?code=.....#_=_

Error:

Your connection is not private.
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_INVALID. localhost normally uses encryption to protect your information. When Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit localhost right now because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

My SSL Config:

Listen 443    
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5    
SSLPassPhraseDialog  builtin    
SSLSessionCache        "shmcb:c:/wamp/www/ssl/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300    
<VirtualHost *:443>    
DocumentRoot "c:/wamp/www"
ServerName localhost:443
ServerAdmin admin@example.com
ErrorLog "c:/wamp/logs/error.log"
TransferLog "c:/wamp/logs/access.log"
SSLEngine on
SSLCertificateFile "c:/wamp/www/ssl/ia.crt"
SSLCertificateKeyFile "c:/wamp/www/ssl/ia.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/Apache24/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>    
BrowserMatch "MSIE [2-5]"  nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog "c:/wamp/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>   

My question is how to setup valid SSL certificate on localhost? or do I need to edit my configuration?

解决方案

In Chrome, you can use url chrome://flags/#allow-insecure-localhost to allow insecure localhost. Refer to this Stack Overflow for more information.

这篇关于SSL本地主机隐私错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！