ghost
commented
7 years ago I tried this guide and still no luck. I can confirm this for myself. https://discourse.roots.io/t/self-signed-ssl-cert-w-browser-sync-localhost-proxy-chrome-on-windows/5862/6
Open JayBizzle opened 7 years ago
ghost
commented
7 years ago I tried this guide and still no luck. I can confirm this for myself. https://discourse.roots.io/t/self-signed-ssl-cert-w-browser-sync-localhost-proxy-chrome-on-windows/5862/6
shakyShane
commented
7 years ago Thanks @JayBizzle - but as far as I remember, I've always been greeted by this warning - I just accepted it 'something you get' with self-signed certs.
Are you suggesting that for you, you didn't previously see this warning?
JayBizzle
commented
7 years ago @shakyShane Yes, previously we prevented this warning by adding the certificates in the /lib/server/certs folder to our KeyChain and setting them to Always Trust (You can do this with all self-signed certs, so you get the green URL bar whilst in a dev environment)
But, since the Chrome 58 update, the certs aren't valid from Chromes point of view anymore because of the reasons mentioned in the first link in my first post.
Thanks
shakyShane
commented
7 years ago Great, thanks - I'll look into it then :)
mikemartin
commented
7 years ago @JayBizzle @shakyShane I fixed this by generating my own certs with Keychain and including the SAN extension.
This has removed the security error but hopefully Browsersync updates their own certs in /lib/server/certs/ to include the SAN extension soon.
.browserSync({
https: {
key: "/Users/mike/.localhost-ssl/key.pem",
cert: "/Users/mike/.localhost-ssl/cert.pem"
}
});Good work @mikemartin
Will test this out as a short term solution
glambert
commented
7 years ago What would need to be done for this to be fixed?
JayBizzle
commented
7 years ago @ls-guillaume-lambert Create a certificate that satisfies the requirements outlined here - https://textslashplain.com/2017/03/10/chrome-deprecates-subject-cn-matching/
glambert
commented
7 years ago @JayBizzle I'm not too familiar with this, is it simple enough that you could do it and I'd be glad to review 😉
cwellsx
commented
7 years ago There's a related thread here https://github.com/webpack/webpack-dev-server/issues/854 with comments on how to generate appropriate certificates using various tools on various platforms.
mikemartin
commented
7 years ago Amazing. Great to see that @johnboxoll is on the case! Looks like he has a recent pull request here: https://github.com/webpack/webpack-dev-server/pull/857
glambert
commented
7 years ago In the mean time, you can allow-insecure-localhost in chrome flags:
chrome://flags/#allow-insecure-localhost
Found here: https://productforums.google.com/d/msg/chrome/sTyLejkD8NQ/bhAhmHIzAgAJ
glambert
commented
7 years ago This how-to article worked too: https://deliciousbrains.com/https-locally-without-browser-privacy-errors/ combined with custom key/cert in browser-sync's https config:
https: {
key: '/path/to/localhost.key',
cert: '/path/to/localhost.crt',
},
eduardomb08
commented
5 years ago The solution here worked for me; running on IE.
Issue details
Since Chrome 58, self-signed certificates can cause the following message to appear...
Details on why this has suddenly started happening can be found here - https://textslashplain.com/2017/03/10/chrome-deprecates-subject-cn-matching/
Info on creating certificates with the
SubjectAltNameset correctly can be found here - http://fbcs.co.uk/self-signed-multiple-domain-ssl-certificates/Steps to reproduce/test case
Update to Chrome 58
Please specify which version of Browsersync, node and npm you're running
Affected platforms
Browsersync use-case
If CLI, please paste the entire command below
{cli command here}
for all other use-cases, (gulp, grunt etc), please show us exactly how you're using Browsersync