Jump to content
Login new information ×
Login new information

Allowing Self-Signed Certificates on Localhost with Chrome and Firefox

Batu69

By Batu69
in Security & Privacy Center

Recommended Posts

Batu69

Batu69

Posted
Posted

HTTPS for web applications is soon no longer an option, but a must-have. When you develop your application on your local machine, you may want to use a self-signet certificate. They cost you nothing and tools like Visual Studio create them on the first run in IIS Express. Everything would be great if current web browsers wouldn’t show you an error page like this one:

 

The Problem

 

What can we do to use our self-signed certificate on our local machines and not compromise the security of our web browser?

(Just to be explicit: This is for development purposes only. Never to that in production!)

Easy fix for Chrome

In Chrome all you need to do is to open enter this URL chrome://flags/#allow-insecure-localhost into the address bar to find the configuration setting for allowing invalid certificates for localhost:

 

Chrome settings

 

Click on Enable and restart Chrome. From now on invalid certificates on localhost (and just on localhost) are ignored and you can develop with your self-signed certificate.

Exceptions for Firefox

In Firefox you need to whitelist every certificate. On the error page for the invalid certificate you find a button with the label Advanced. Click it and then add an exception by clicking on the Add Exception button.

 

Firefox 1. Step

 

You can now once more verify if this is the certificate you want and then explicitly click on Confirm Security Exception...:

 

Firefox 2. Step

 

From now on your local certificate is accepted. If you no longer need this exception, you can click on the lock-icon in the address bar and remove it:

 

Firefox 3. Step

 

Conclusion

Self-signed certificates need a little work with your web browser. However, on localhost they have their place and can help you to start with HTTPS.

 

Article source

Link to comment
Share on other sites
  • Replies 3
  • Views 1.3k
  • Created
  • Last Reply
mikie

mikie

Posted
Posted

Guess the author didn't want to take the time to show a how-to with windows internet options for ie & edge - which is slightly more needed.

Link to comment
Share on other sites
Holmes

Holmes

Posted
Posted

There not slightly needed or point five percent needed or point one percent needed well for internet explorer they are not edge a how to would be helpful and Im sure with a google search you can find out.  Here is a way to do it with internet explorer:

 

http://stackoverflow.com/questions/681695/what-do-i-need-to-do-to-get-internet-explorer-8-to-accept-a-self-signed-certific/2955546#2955546

 

Look in that thread for the way for internet explorer for those that would want to use it in internet explorer.

Link to comment
Share on other sites
stylemessiah

stylemessiah

Posted
Posted

Why not actually create a proper self signed certificate with OpenSSLl's binary package and apply that to all browsers...which is what i do as i use squid proxy with ssl bump...

 

To save yourself downloading OpenSSL and cmdline fiddling, you an even do this online: http://www.mobilefish.com/services/ssl_certificates/ssl_certificates.php

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...