让Chrome接受自签本地证书 [英] Getting Chrome to accept self-signed localhost certificate

问题描述

我为localhost CN创建了一个自签名SSL证书。正如预期的，在最初抱怨之后，Firefox接受这个证书。然而，Chrome和IE拒绝接受它，即使将证书添加到受信任根下的系统证书存储区后也是如此。即使在Chrome的HTTPS弹出窗口中单击查看证书信息时证书列为正确安装，但它仍然坚持证书不可信。

我该假设什么如何让Chrome接受证书并停止抱怨？

解决方案

这对我有用：

1. 使用Chrome浏览器，通过HTTPS在服务器上点击一个页面，并继续通过红色警告页面（假设您尚未完成此操作）。


2. 打开 Chrome设置>显示高级设置> HTTPS / SSL>管理证书。


3. 单击权限选项卡并向下滚动以在组织名称下找到您的证书您已授予证书。


4. 选择它，点击编辑（注意：在最近版本的Chrome中，按钮现在是高级而不是编辑 ），选中所有框并单击确定。您可能需要重新启动Chrome。

现在，您应该可以在网页上获得漂亮的绿色锁定。

编辑：我在一台新机器上再次尝试这种方式，只需从红色不受信任的证书页面继续，证书就不会出现在管理证书窗口中。我必须执行以下操作：
$ b

1. 在包含不可信证书（ https：// 以红色划掉），点击锁定>证书信息。 注意：在较新版本的chrome上，您必须打开开发者工具>安全，然后选择查看证书。


2. 点击导出。选择 PKCS＃7，单个证书作为文件格式。
然后按照原来的说明进入管理证书页面。点击 Authorities选项卡>导入并选择导出证书的文件，确保选择 PKCS＃7，单个证书 作为文件类型。

3. 如果提示认证存储，请选择受信任根证书颁发机构
>选中所有框，然后单击确定。重新启动Chrome。

I have created a self-signed SSL certificate for the localhost CN. Firefox accepts this certificate after initially complaining about it, as expected. Chrome and IE, however, refuse to accept it, even after adding the certificate to the system certificate store under Trusted Roots. Even though the certificate is listed as correctly installed when I click "View certificate information" in Chrome's HTTPS popup, it still insists the certificate cannot be trusted.

What am I supposed to do to get Chrome to accept the certificate and stop complaining about it?

解决方案

This worked for me:

1. Using Chrome, hit a page on your server via HTTPS and continue past the red warning page (assuming you haven't done this already).
2. Open up Chrome Settings > Show advanced settings > HTTPS/SSL > Manage Certificates.
3. Click the Authorities tab and scroll down to find your certificate under the Organization Name that you gave to the certificate.
4. Select it, click Edit (NOTE: in recent versions of Chrome, the button is now "Advanced" instead of "Edit"), check all the boxes and click OK. You may have to restart Chrome.

You should get the nice green lock on your pages now.

EDIT: I tried this again on a new machine and the certificate did not appear on the Manage Certificates window just by continuing from the red untrusted certificate page. I had to do the following:

1. On the page with the untrusted certificate (https:// is crossed out in red), click the lock > Certificate Information. NOTE: on newer versions of chrome, you have to open Developer Tools > Security, and select View certificate.
2. Click the Details tab > Export. Choose PKCS #7, single certificate as the file format.
3. Then follow my original instructions to get to the Manage Certificates page. Click the Authorities tab > Import and choose the file to which you exported the certificate, and make sure to choose PKCS #7, single certificate as the file type.
4. If prompted certification store, choose Trusted Root Certificate Authorities
5. Check all boxes and click OK. Restart Chrome.

这篇关于让Chrome接受自签本地证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！