6

Our application runs within a frameset that uses one visible frame to show content and two others to handle communication with the server. I did not design this and have no power to change it now.

The problem is that my local machine does not have a valid SSL certificate (it's self-signed), so accessing it and trying to login pops an 'invalid certificate' error. In IE and FF I am able to simply click a button to continue. However, I just started trying to test with Chrome and it seems to stop me dead with:

 Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error.

There is no option to continue. There also doesn't appear to be anything in the options menu to add localhost as a trusted site, though I may have missed something. Does anyone know a way around this? Disabling SSL locally won't be very easy and risks me forgetting to enable it for deployment. Any other thoughts?

Thanks.

Nicholas
  • 1,974
  • 4
  • 20
  • 46

2 Answers2

2

What I would recommend is to add the self-signed certificate to Chrome manually rather than trying to make localhost a trusted site. It looks like there are a couple ways to accomplish this. Here is one forum thread that discusses the issue, but I think it boils down to:

  1. If you are on Windows, install the certificate in IE. The linked thread explains this process in more detail, but it looks like you go to the site in IE, click "Continue" or similar, then right-click the certificate error button to the right of the URL bar and follow the prompts. (If that doesn't work, here's a question that I believe addresses the issue.)
  2. More recent versions of Chrome appear to allow certificate import directly. On version "15.0.874.121 m" for Windows, I can click the tool menu, go to Options, then Under the Hood, then the Manage Certificates button. I believe you then click the "Import..." button, though I do not recall whether you need to be on the Personal tab or one of the others. You will need to have the certificate in a file format that Chrome supports (p12 is one, there are others). There is a help link in the appropriate place that specifies the accepted formats.
Community
  • 1
  • 1
Andrew
  • 14,325
  • 4
  • 43
  • 64
  • Thanks, Andrew. Importing the certificate did not actually solve the problem, but it allowed me to aim at the https version of the site (thus avoiding the http to https frame redirect) and click an override button. That allowed me to login, which is all we use https for. So a good dev workaround. :) – Nicholas Dec 07 '11 at 18:11
-4

I recommend Safari for this purpose. Sign a cert with StartCom, and enroll the cert in the browser.

Joshua Steiner
  • 129
  • 1
  • 6
  • Thank you for the response, but the goal is to confirm that the application works specifically in chrome. We already use IE and FF, but there are minor differences between them that necessitate testing in all three individually. – Nicholas Dec 07 '11 at 18:12