1

I am using a self signed certificate for the development of an Open Layers 3 implementation.

OL3 is reading layers from a Geoserver using https://localhost:8443, and the website is being hosted at https://localhost:444. I am using Apache and Tomcat 7 for this.

This all works fine in Firefox. Though I get the initial warning about the certificate. But accepting the risk it then connects via https with no problem, and all of the content is delivered correctly.

In Chrome and IE however I am getting the following error in the console and the site isn't receiving content from the Geoserver:

https://localhost:8443/geoserver/
Failed to load resource: net::ERR_INSECURE_RESPONSE

This is associated with port 8443 which is what Tomcat is using to deliver Open Layers 3 content.

Single Entity
  • 2,925
  • 3
  • 37
  • 66
  • Firefox has become a bit more strict about these certs than in the past. Some self-signed certs cannot be imported through Settings, but a `policies.json` can be created to eliminate all the certificate warnings: https://stackoverflow.com/a/74802552/2657515 – JonathanDavidArndt Dec 14 '22 at 19:45

1 Answers1

1

It turned out the reason is that Chrome and IE use a certificate store which it checks against to validate the certificate where as Firefox doesn't. You have to assign your self signed certificate to the certificate store for it to allow any data to be transferred through to the client in IE and Chrome.

In IE you can left click on the certificate error -> View Certificates -> Install Certificate, and then install the certificate in Trusted Root Certification Authorities Folder. Refresh and it worked for me.

Single Entity
  • 2,925
  • 3
  • 37
  • 66