6

I generated a self signed ssl certificate including the new Subject Alternative Name field. I've installed this certificate multiple times into Trusted Root Certification Authorities both from within Chrome and within windows.

The certificate shows it is installed properly in the windows certmgr, but it does not appear in the chrome certficate store and I get a Not secure warning on page load

Certificate - missing This site is missing a valid, trusted certificate (net::ERR_CERT_AUTHORITY_INVALID).

If I try to install into a different certificate store such as Other People then Chrome registers it properly.

The issue may be because the certificate is for a dev domain I am forwarding from localhost, and a real (not self signed) certificate exists on the live site. I've tried flushing my dns.

However, when I load the site chrome does show my self signed cert, It just does not trust it as it is not in Chrome's Trusted store.

When I bring up the insecure cert the status shows The issuer of this certificate could not be found.

I'm on Windows 8.1 and Chrome 66.0.3359.139

FFF
  • 741
  • 1
  • 8
  • 19
  • You'll probably have to deal with CT too :) https://stackoverflow.com/questions/54890552/referrer-policy-hide-the-referrer-of-self-signed-certificates – Eran Betzalel Feb 27 '19 at 09:39
  • 1
    Turned out the issue was i was installing a generic cert with wildcards, used a more specific cert as a .pem file and it worked, even though it wasnt shown as one of the supported filetypes – FFF Jan 16 '21 at 03:43

0 Answers0