5

I am developing a website using Roots.io stack (Trellis + Bedrock + Sage).

I am working, locally, on several sites and they're all working fine. Until today I reboot my computer > execute vagrant up > attempt to access the local development URL https://mysite.dev > but suddenly get an error, in Chrome, stating "NET::ERR_CERT_AUTHORITY_INVALID".

Normally, I do get a similar error, but I have the option to dismiss it. But now I do not.

Via BrowserSync, I can access the site via localhost:3000 but not using the development URL.

If you're familiar with Roots, you know that Trellis generates the SSL locally as self-signed in an automated process. So I know very little about how it works outside of their documentation.

I understand that this issue seems to be a mix-match with the SSL certificates locally, but I don't really know how to troubleshoot that. I'm thinking there is a file locally that needs to be deleted and replaced. But I don't know how to generate a replacement if that's the case.

I have spent about an hour reading any articles I could find on the topic but none seem to really explain precisely what's going on in a way I can apply.

Update: Ultimately I'm looking for a way to add an exception for the ticket in Chrome. I was able to do it in Firefox and it's working there.

Thank you.

Samuel Lelièvre
  • 3,212
  • 1
  • 14
  • 27
Spencer Hill
  • 1,043
  • 2
  • 15
  • 38
  • 1
    Seems like more of a chrome problem than a programming problem – erik258 Dec 16 '17 at 04:25
  • So I've been troubleshooting this further and I was able to get the site working in Firefox when prompted to add an exception for that certificate. So it seems I caused the issue with a change to my code base somehow (including the local VirtualBox server) but I still have not identified a way to force Chrome to make the same exception. Any thoughts? – Spencer Hill Dec 28 '17 at 01:39

2 Answers2

2

Short Answer: Don't use .dev extensions in your local URLs as this is now a real domain name extension no longer reserved for localhost.

Long Answer: https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/

Spencer Hill
  • 1,043
  • 2
  • 15
  • 38
1

You can either

  • Import this certificate using Chrome's Options > Manage Certificates > Import
  • Or simply ignore SSL errors launching chrome with args --ignore-certificate-errors like /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --ignore-certificate-errors &> /dev/null & (not recommended).
Jehy
  • 4,729
  • 1
  • 38
  • 55
  • Thank you for the reply. I have tried the second option already and it made no difference unfortunately (I'm on Linux Ubuntu and tried a similar command). As for importing "this" certificate. What is "this" referring to? – Spencer Hill Dec 22 '17 at 23:50
  • You'd import the certificate of the key used to sign the certificate used on the web server. If it's self signed, that would just be the cert itself. – erik258 Dec 28 '17 at 15:05
  • "this" is current website's self signed ssl certificate. – Jehy Dec 29 '17 at 12:26
  • Thank you for the recommended solutions Dan. But neither of these are working. I'm experiencing this on Mac and Linux Ubuntu. – Spencer Hill Jan 28 '18 at 23:37