0

Basically, I want to add a self-signed certificate (including complete chain with own CA and intermediate) to my Angular environment. The environment is reachable via pcname.fritz.box. That's the idea.

Now I created my own CA and intermediate certificates and the server/client certificates. Afterwards, I added the ca-chain-bundle.cert.pem to my Windows 10 root CAs.

Then I added the server.cert.pem and server.key.pem to my angular.json and started with ng serve --host pcsname.fritz.box --ssl.

If I open the URL https://pcname.fritz.box:4200/ with Firefox I get in the developer console MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT and in Chrome/Edge I get NET::ERR_CERT_AUTHORITY_INVALID.

What I'm missing? I don't want to add it as an exception. Instead it should appear as valid certificate locally.

testing
  • 19,681
  • 50
  • 236
  • 417

1 Answers1

0

There were several issues:

  1. I used the wrong key combination with the server certificate. Therefore the browser displayed me CN=localhost instead of CN=pcname.fritz.box.
  2. Firefox needs to change some setting to accept certificates from the Windows certificate store.
  3. Chrome needs a certificate with a SAN!
  4. Don't know if necessary, but I added all certificates (root CA, intermediate and server) to my Windows root CA store.
testing
  • 19,681
  • 50
  • 236
  • 417