SSL Localhost Privacy error
Solution 1
In Chrome, you can use url chrome://flags/#allow-insecure-localhost
to allow insecure localhost. Refer to this Stack Overflow for more information.
Update: arda-basoglu's steps are confirmed, this works, too:
- When you see "Your connection is not private...NET::ERR_CERT_INVALID" warning on Chrome,
- Just type "thisisunsafe" (anywhere...key listeners pick it up) and wait.
Solution 2
1. When you see "Your connection is not private...NET::ERR_CERT_INVALID" warning on Chrome,
2. Just type "thisisunsafe" and wait.
Note: Last time this was tested, Chrome latest version was 96.0.4664.110
Related videos on Youtube
Ramo Toric
Updated on January 06, 2022Comments
-
Ramo Toric over 2 years
I setup ssl on localhost (wamp), I made the ssl crt with GnuWIn32.
When I try to login with fb in Chrome I get the following message:
URL:
https://localhost/ServerSide/fb-callback.php?code=.....#_=_
Error:
Your connection is not private.
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_INVALID. localhost normally uses encryption to protect your information. When Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.You cannot visit localhost right now because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.
My SSL Config:
Listen 443 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLPassPhraseDialog builtin SSLSessionCache "shmcb:c:/wamp/www/ssl/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 <VirtualHost *:443> DocumentRoot "c:/wamp/www" ServerName localhost:443 ServerAdmin [email protected] ErrorLog "c:/wamp/logs/error.log" TransferLog "c:/wamp/logs/access.log" SSLEngine on SSLCertificateFile "c:/wamp/www/ssl/ia.crt" SSLCertificateKeyFile "c:/wamp/www/ssl/ia.key" <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "c:/Apache24/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog "c:/wamp/logs/ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>
My question is how to setup valid SSL certificate on localhost? or do I need to edit my configuration?
-
Romeo Sierra over 4 yearsAny idea why this is happening? For me, angular server which was running on port number 4200 was previously working fine. It was only yesterday that I faced this issue for the first time. Any idea why that happened all in a sudden?
-
WEBjuju over 4 years@RomeoSierra when did you setup the ssl...yesterday? even if ssl had been setup previously, you may have been accessing the site via "http" not "https".
-
Romeo Sierra over 4 yearsNop. I had SSL setup for long time now, as it is required for facebook signup. And when you host your development server for angular using
ng serve --ssl=true
you can't access over HTTP. -
WEBjuju over 4 years@romeosierra dunno - if this fixes it, there you go.
why it broke
may be an opportunity to ask a new question. -
James over 3 yearsThis actually works. I wish Chrome would just put something in devtools to address this, but at least this is something better than enabling a catch all flag.
-
KlavierCat over 3 yearsStill working for Chrome Version 88.0.4324.96
-
Aaronius over 3 yearsDa hell? I was looking over my shoulder to make sure nobody was watching because I was going to be embarrassed I was gullible enough to try this. It actually works.
-
WEBjuju about 3 yearsI have the accepted answer which was for "localhost" only. Typing this when you see the page (not into any input widget, just type it) will accept the insecure ssl cert for any domain.
-
p-syche over 2 yearsThis solution is right out of some silly hacker movie :D and yet... it works. Checked in Chrome 96.0.4664.110.
-
Alper Batıoğlu over 2 yearsomg :) this is just like an easter egg. And it is still working for Edge Version 98.0.1108.51