Chrome

Chrome: How to install self-signed SSL certificates

Often, during the development of a website on our local machine (localhost) or on our remote private server, we do not have an SSL certificate issued by a trusted certification authority, and we are forced to configure the webserver with a self-signed certificate.

In this case, while browsers such as Firefox allow you to add an exception, even permanently, to the site in question, opening that website in Chrome will produce each time a notice of this type (NET::ERR_CERT_AUTHORITY_INVALID):

This warning, moreover, will imply that you won’t be able to save login data of your website, as Chrome does not save forms information for websites having an unsafe HTTPS connection.

To resolve this problem, you need to accomplish a very simple task: export the SSL certificate for the website in the appropriate format and install it as a trusted certificate.

To export the SSL certificate we’ll use Google Chrome.

Open Chrome and visit your website. You will get the above warning, click on “ADVANCED” and then on “Proceed to <domain name> (unsafe)”.

At this point, open Chrome Developer tools by hitting F12 key and go to “Security” tab.

Click on “View certificate“, go to “Details” tab and click on “Copy to File…”.

Hit “Next” and select “Cryptographic Message Syntax Standard – PKCS #7 Certificates (.P7B)“, then “Next” again.

Click “Browse…” and save certificate to a location on your PC (ie: Desktop) by clicking “Next”.

Finally, click “Finish”.

In the next page we’ll see how to import the certificate.

Previous post

Postfix: How to identify a PHP script sending spam

Next post

Windows 7 won't boot

Fulvio Sicurezza

Fulvio Sicurezza

6 Comments

  1. Alisa
    Saturday November 18th, 2017 at 05:19 PM — Reply

    Thank you so much for this – very helpful!!

  2. Nathan
    Sunday April 29th, 2018 at 08:37 AM — Reply

    “Click on “View certificate“, go to “Details” tab and click on “Copy to File…”.”

    – No such option on macOS

    • Fulvio Sicurezza
      Monday April 30th, 2018 at 07:11 AM — Reply

      Hi Nathan,

      for MacOS, after clicking “View certificate”, select the certificate (last node of the tree located in the upper part of the window) and simply drag the large certificate icon (the one to the left of “Issued by” and “Expires” words) and drop it to your desktop or in any Finder window.
      After that, you can import the saved certificate by double-clicking it.

  3. Wednesday May 23rd, 2018 at 03:17 PM — Reply

    didnt work

  4. Daniel Ann
    Wednesday June 27th, 2018 at 01:08 PM — Reply

    Okay this works.
    I wonder, if this worked because I used chrome setting to install the server certificate?
    When I tried installing server certificate using MMC certificate snap-in chrome ignored it and kept on displaying certificate invalid.
    Now that your way worked I’ve deleted the server certificate using MMC certificate snap-in chrome still opens up the site in GREEN color.
    Chrome is definately storing some information on its own storage just don’t know where that is…

Leave a reply

Your email address will not be published. Required fields are marked *