1

My previous question asked how to specify the config file and the command such that I can connect to my web server on my local area connection via HTTPS.

I have figured that out and added the certificate to my Android phone's Trusted Certificate store, but for some reason Chrome on Android is still saying "The identity of this website has not been verified. Server's certificate is not trusted."

I think the issue might be that because it is not a root certificate, Android still doesn't trust it? I googled around and there seems to be some talk about how setting basicConstraints to CA:TRUE may solve it, but you may also need to use Key Usage as well?

I tried several permutations of the suggested approaches, but nothing seems to be working. My question is simple: what configuration do I need to use in order for Chrome on Android to accept my self-signed certificate as valid? I want to debug push notifications locally in my dev environment and they require HTTPS.

This is my current configuration for generating the certificates, which allows Chrome to connect (via https://192.168.1.155:8080), but still has it say "Server's certificate is not trusted". Is it possible to change it to rectify this error?

req.cnf:

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
OU = MyDivision
CN = localhost
[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = DNS:localhost,IP:192.168.1.155,IP:127.0.0.1

openssl req -newkey rsa:2048 -x509 -nodes -keyout key.pem -new -out cert.pem -config req.cnf -sha256 -days 3650

Ryan Peschel
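The two-certificate layout the question alludes to (a CA:TRUE certificate for the device's trust store and a separate server certificate signed by it), as an added example that is not part of the original posts. The file names, CA subject and leaf lifetime are assumptions; the SAN list and key usages are copied from the question's req.cnf.

```shell
# Added example (not from the page): local CA (CA:TRUE) + server cert it signs.
# File names, CA subject and the 365-day leaf lifetime are assumptions.
set -eu

make_dev_chain() {
  dir=$1
  # CA config: this certificate, not the server's, is the one a device would trust.
  cat > "$dir/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Local Dev CA
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
EOF
  # Server config: key usages and SAN copied from the question's v3_req.
  cat > "$dir/leaf.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = localhost
[v3_leaf]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = DNS:localhost,IP:192.168.1.155,IP:127.0.0.1
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
    -keyout "$dir/ca.key" -out "$dir/ca.pem" -config "$dir/ca.cnf" 2>/dev/null
  openssl req -new -newkey rsa:2048 -nodes -sha256 \
    -keyout "$dir/key.pem" -out "$dir/leaf.csr" -config "$dir/leaf.cnf" 2>/dev/null
  openssl x509 -req -in "$dir/leaf.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$dir/leaf.cnf" \
    -extensions v3_leaf -out "$dir/cert.pem" 2>/dev/null
}

check_dev_chain() {
  # cert.pem must chain to ca.pem; only the CA is CA:TRUE; the SAN has the LAN IP.
  openssl verify -CAfile "$1/ca.pem" "$1/cert.pem" >/dev/null 2>&1 &&
    openssl x509 -in "$1/ca.pem" -noout -text | grep -q 'CA:TRUE' &&
    openssl x509 -in "$1/cert.pem" -noout -text | grep -q 'CA:FALSE' &&
    openssl x509 -in "$1/cert.pem" -noout -text | grep -q 'IP Address:192.168.1.155'
}

workdir=$(mktemp -d)
make_dev_chain "$workdir"
check_dev_chain "$workdir" && echo "chain verifies; files are in $workdir"
```

In this layout ca.pem is the file for the device's trust store, while cert.pem and key.pem go to the web server. The check only proves the chain with openssl; the page does not establish how a given Android or Chrome version treats it.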

1 Answer

0

As far as I know, you cannot without going into each browser (like each device) and disabling certain security flags.

Is there a reason you aren't using Let's Encrypt? It's free and the only downside for now is a 90-day cert, which you can script to update quite easily.

  • As far as I can tell what you're recommending isn't possible? https://community.letsencrypt.org/t/certificates-for-hosts-on-private-networks/174 – Ryan Peschel Feb 05 '20 at 18:04