Solved

Save Locally Hosted HTTPS Certs & Credentials in Google Chrome

Posted on 2013-11-30
3
644 Views
Last Modified: 2013-12-29
Good Afternoon -

I've got a quick question for something annoying which I've briefly tried to resolve, but never been able to find out how (if possible.)

On my home "server" (Win7x64), I host many different services.  The ones which are web-based are all set up to use SSL only for security purposes obviously.  I also primarially use Google Chrome to access these services both locally and remotely.  

Each time I browse to any of the SSL services, I get the red warning screen in Chrome saying "This site's security certificate is not trusted."
Google Chrome SSL Warning
After choosing to accept, I must then enter my credentials for the service.
Google Chrome SSL Credentials Prompt
The Issue
For my personal hardware, I don't want the cert warning to appear - especially when running the web browser on box local to the service.  Ideally, it would be nice to not have to enter the credentials, either, but am not trying to be too picky.  Obviously, once I accept the certificate and enter credentials once, I don't have to the rest of the time I keep Chrome open, but want to be able to bypass every time - just on my hardware.

What I've Tried to Resolve Issue
1. At the warning screen in Chrome, I've tried to find an option to import the certificate so I may choose to import it into the Trusted Root store.  Can't find one.

2. Searched the service's folder for a cert file.  Found one in a couple of them.  Opened certificate authority for my local box and imported them into Trusted Root.  For the services I found them for, I'm still prompted, though - no change.

3. I use LastPass for personal sites.  It's really good at trying to grab entered credentials when detected, but doesn't do so for SSL it seems.  Perhaps LastPass binary will?

That's about it - think I'm going to try to access services via IE and see if I can import.  If works, hopefully will then work in Chrome, too.  Surely, there's a Chrome setting in a sort of about:config which will allow bypassing that screen globally as an alternative.  Just an idea.

UPDATE
Immediately after posting the above, I loaded the same URL (I'm currently remote to server) in Internet Explorer (10) where of course I was met with a similar warning
IE Warning
I then tried the additional following things to resolve
4. Chose to "Install Certificate" in store determined Automatically

5. Chose to "Install Certificate" into Trusted Root, Trusted Authority, and Personal stores (each via separate process)

6. After reading TechNet post, opened IE "As Admin" and re-performed steps 4 & 5

After all of that - still - no change and I get the same results in Chrome as well as IE.

Any Suggestions?  Thanks!
0
Comment
Question by:BzowK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 58

Expert Comment

by:Gary
ID: 39687273
Is this a self-signed certificate or from a cert provider.
If from a cert provider you may need a chain/intermediate certificate
0
 

Author Comment

by:BzowK
ID: 39687279
Pretty sure it's self-signed.  Below are some screenshots from importing it from IE.  Guess I should mention also that I have a domain name tied to my home network and am accessing it that way.  Don't know if that would play a role in certificate verification (I hate messing with certs!) :)
 Cert Details Page 1Cert Details Page 2ACert Details Page 2BCert Details Page 3
Thanks for your help -
0
 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 39687286
Well self signed certs will never be trusted by any browser unless you manually import them, because there is no trusted issuing CA authority.
You are saying this is for web based access? For a free real cert use
http://www.startssl.com/
Then you won't have this problem (will need the chain as well)
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question