Ramo Toric

Reputation: 960

SSL Localhost Privacy error

I set up SSL on localhost (WAMP); I made the SSL crt with GnuWin32.

When I try to log in with fb in Chrome I get the following message:

URL:

https://localhost/ServerSide/fb-callback.php?code=.....#_=_

Error:

Your connection is not private.
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_INVALID. localhost normally uses encryption to protect your information. When Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit localhost right now because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

My SSL Config:

Listen 443    
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5    
SSLPassPhraseDialog  builtin    
SSLSessionCache        "shmcb:c:/wamp/www/ssl/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300    
<VirtualHost *:443>    
DocumentRoot "c:/wamp/www"
ServerName localhost:443
ServerAdmin [email protected]
ErrorLog "c:/wamp/logs/error.log"
TransferLog "c:/wamp/logs/access.log"
SSLEngine on
SSLCertificateFile "c:/wamp/www/ssl/ia.crt"
SSLCertificateKeyFile "c:/wamp/www/ssl/ia.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/Apache24/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>    
BrowserMatch "MSIE [2-5]"  nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog "c:/wamp/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>   

My question is: how do I set up a valid SSL certificate on localhost? Or do I need to edit my configuration?

Upvotes: 89

Views: 108900
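
For the setup in the question, one way to produce a key and certificate for the `SSLCertificateKeyFile` and `SSLCertificateFile` directives, with `localhost` listed in the subjectAltName, is sketched here as an added example; it is not part of the original post or of any answer, and it does not diagnose the asker's existing `ia.crt`. It assumes a POSIX shell with `openssl` on the PATH (Git Bash on Windows works); the function names and the output directory argument are hypothetical.

```shell
#!/bin/sh
# Added example: self-signed certificate for https://localhost.
# ia.key / ia.crt mirror the file names in the question's config;
# the output directory is whatever the caller passes in.

make_localhost_cert() {
    out_dir=$1
    mkdir -p "$out_dir" || return 1

    # Minimal config so the result does not depend on the system openssl.cnf.
    cat > "$out_dir/localhost.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions    = v3_localhost
prompt             = no

[dn]
CN = localhost

[v3_localhost]
basicConstraints = critical, CA:FALSE
keyUsage         = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName   = DNS:localhost, IP:127.0.0.1
EOF

    # 2048-bit RSA key, SHA-256 signature, unencrypted key (-nodes) so
    # Apache can start without a passphrase prompt; valid for 397 days.
    openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 397 \
        -config "$out_dir/localhost.cnf" \
        -keyout "$out_dir/ia.key" -out "$out_dir/ia.crt" 2>/dev/null
}

# Succeeds only if the certificate names localhost in subjectAltName
# and the private key matches the certificate's public key.
check_localhost_cert() {
    out_dir=$1
    openssl x509 -in "$out_dir/ia.crt" -noout -text \
        | grep -q 'DNS:localhost' || return 1
    cert_pub=$(openssl x509 -in "$out_dir/ia.crt" -noout -pubkey | openssl sha256)
    key_pub=$(openssl pkey -in "$out_dir/ia.key" -pubout | openssl sha256)
    [ "$cert_pub" = "$key_pub" ]
}
```

Write the files to a directory outside the document root: in the question's config the key path `c:/wamp/www/ssl/ia.key` sits under `DocumentRoot "c:/wamp/www"`. The browser keeps warning about a self-signed certificate until it is trusted on the machine (on Windows, imported into the trusted root store).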

Answers (3)

WEBjuju

Reputation: 6581

Chromium Version 79 through (at least) Version 133

Allow Insecure SSL (localhost)

In Chrome, enable "allow insecure localhost" at this URL:

chrome://flags/#allow-insecure-localhost

Refer to this Stack Overflow for more information.


Allow Insecure SSL (other)

  1. See "Your connection is not private. blah-bla-blah"...
  2. Type thisisunsafe (key listeners pick it up).

Notes

If you are just curious if this works, browse this site which has a bad root ssl certificate. Other "bad ssl" sites can be found using badssl.com.

More about the Chromium "override keyword":

This is specific for each site.

The chrome developers also do change this periodically.

Since Version 79 the BYPASS_SEQUENCE is and has been dGhpc2lzdW5zYWZl (base64 encoding for "thisisunsafe").

Upvotes: 210

Arda Basoglu

Reputation: 1600

1. When you see "Your connection is not private...NET::ERR_CERT_INVALID" warning on Chrome,

2. Just type "thisisunsafe" and wait.


Note: Last time this was tested, Chrome latest version was 119.0.6045.159

Upvotes: 129

Shakeel

Reputation: 2015

Your connection is not private
Attackers might be trying to steal your information from 10.10.10.10 (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_INVALID

Type “badidea” or “thisisunsafe” directly on the same Chrome page.

Do this if you are REALLY SURE that the link you are trying is safe. In my case, I was trying to set up StackStorm locally using Vagrant and VirtualBox.

Chrome version: Version 92.0.4515.131 (Official Build) (x86_64). Source

Upvotes: 2
