10

EDIT: As suggested, this question has been moved to SuperUser, but was closed with no activity ;-( The best answer I found was to pass a command line option to Chrome to ignore all certificate errors.

https://superuser.com/questions/808413/force-chrome-to-accept-any-ssl-certificate-regardless-of-who-it-was-signed-by

Original Question:

Is it possible to get Chrome to trust an SSL certificate, regardless of who it was signed by?

I've seen this discussion on getting Chrome to accept self signed certificates here on StackOverflow, but it doesn't seem to work in all cases - It appears it's failing when the certificate isn't self signed, but the authority isn't known for some reason.

For my development purposes, I want to trust these certificates no matter who signed them. Is this possible?

On on a Mac, but appreciate any responses.... Thanks!

Community
  • 1
  • 1
Brad Parks
  • 66,836
  • 64
  • 257
  • 336

1 Answers1

7

Like written at the discussion you referenced you can use the option --ignore-certificate-errors to make chrome ignore any certificate errors. I've tried this successfully (on Linux) with expired certificates and certificates with an unknown CA. Be sure to either close any other chrome browsers or use a separate data directory specified with option --user-data-dir=....

Another option would be to set up a man-in-the-middle proxy like mitmproxy, squid with SSL bumping or fiddler and let these accept all certificates and sign them with their own CA, which you then can accept as a trusted CA inside the browser.

Community
  • 1
  • 1
Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172
  • good idea on the mitmproxy.... i'll give that a shot... – Brad Parks Sep 05 '14 at 19:24
  • I found a good way to do this - create self signed certs that are fully trusted by creating them with your own root authority - super easy to do on a mac, and [the process to do so is detailed here](http://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/ ) – Brad Parks May 30 '16 at 13:19
  • and [I've rolled it up into scripts i use on the mac over in this answer here](https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate/43666288#43666288) – Brad Parks May 30 '17 at 11:34