我试图让我的本地开发在Chrome重新运行,但Chrome阻止了这一点,提示证书无效。尽管它可能不是证书的日期,正如你在它的截图中看到的那样:
我只是想知道为什么没有高级>选项继续无论如何看到网站,并能够在本地开发应用程序。
还有几件事需要提一下:
The local development runs on
https://local.app.somecompany.com:4200/. It can't be just localhost,
because otherwise our authentication http-only cookies won't work in
Chrome.
Therefore the host file under etc/hosts was adjusted to
point to the localhost IP adress (127.0.0.1).
The certificate was
generated with openssl according to this tutorial and this
repo
The certificate works for a colleague with the exact same
Chrome version but with a MacOS version 10.14.6 (mine right now is
MacOS 10.15.1)
The chrome flag(chrome://flags/#allow-insecure-localhost) does not change anything
Also works in firefox on my laptop.
到目前为止,我在网上找不到任何帮助我解决这个问题的东西,所以我非常感谢,如果有人有更多的想法,我可以尝试!?
规格:
操作系统:MacOS 10.15.1
铬:78.0.3904.97
为了使macOS Chrome浏览器显示高级下的“Proceed”链接,请确保在X509扩展中使用TLS Web服务器身份验证创建证书。
这是一个用扩展创建的联机程序:
openssl req \
-newkey rsa:2048 \
-x509 \
-new \
-nodes \
-keyout server.key \
-out server.crt \
-subj /CN=test1 \
-sha256 \
-days 3650 \
-addext "subjectAltName = DNS:foo.co.uk,IP:127.0.0.1,IP:192.168.1.1" \
-addext "extendedKeyUsage = serverAuth"
如果MacOS openssl没有addext选项,请使用以下替代形式:
openssl req \
-newkey rsa:2048 \
-x509 \
-nodes \
-keyout server.key \
-new \
-out server.crt \
-subj /CN=test1 \
-extensions v3_new \
-config <(cat /System/Library/OpenSSL/openssl.cnf \
<(printf '[v3_new]\nsubjectAltName=DNS:a.spectrocloud.com\nextendedKeyUsage=serverAuth')) \
-sha256 \
-days 3650
正在扩展的密钥dedkeyusage =serverAuth。
为了使macOS Chrome浏览器显示高级下的“Proceed”链接,请确保在X509扩展中使用TLS Web服务器身份验证创建证书。
这是一个用扩展创建的联机程序:
openssl req \
-newkey rsa:2048 \
-x509 \
-new \
-nodes \
-keyout server.key \
-out server.crt \
-subj /CN=test1 \
-sha256 \
-days 3650 \
-addext "subjectAltName = DNS:foo.co.uk,IP:127.0.0.1,IP:192.168.1.1" \
-addext "extendedKeyUsage = serverAuth"
如果MacOS openssl没有addext选项,请使用以下替代形式:
openssl req \
-newkey rsa:2048 \
-x509 \
-nodes \
-keyout server.key \
-new \
-out server.crt \
-subj /CN=test1 \
-extensions v3_new \
-config <(cat /System/Library/OpenSSL/openssl.cnf \
<(printf '[v3_new]\nsubjectAltName=DNS:a.spectrocloud.com\nextendedKeyUsage=serverAuth')) \
-sha256 \
-days 3650
正在扩展的密钥dedkeyusage =serverAuth。