matel

Reputation: 485

Angular SSL certificate ERR_CERT_COMMON_NAME_INVALID

  1. I bought a valid SSL certificate for my website; however, when I serve Angular with it at https://localhost:4200/ I still get the browser page warning that the certificate is invalid. The details of the certificate seem correct on that page, though. Is this expected behaviour?

    "start": "ng serve --ssl true --ssl-key ssl/cert.key --ssl-cert ssl/cert.crt",

NET::ERR_CERT_COMMON_NAME_INVALID

Subject: m%%%%%%%%%.io

Issuer: Sectigo RSA Domain Validation Secure Server CA

Expires on: 3 Oct 2022

Current date: 2 Jul 2020

PEM encoded chain: -----BEGIN CERTIFICATE----

  2. I came to look at it because I previously simply uploaded my website files, generated through ng build --prod, to the server and tried to log in, but I received 443/login net::ERR_CERT_INVALID. HTTPS is showing with a lock, but the POST is being denied.

All this is rather confusing for me. I received two files from the CA provider:

Your PositiveSSL Multi-Domain Certificate - cert.crt

Your Apache "bundle" file - cert.ca-bundle

If that is of any help, the server is Spring and the details are attached below. Can someone please shed some light?

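import java.util.Arrays;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

// UserPrincipalDetailsService, UserRepository, JwtAuthenticationFilter and
// JwtAuthorizationFilter are the project's own classes (not shown in the post).
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    private UserPrincipalDetailsService userPrincipalDetailsService;
    private UserRepository userRepository;

    public SecurityConfiguration(UserPrincipalDetailsService userPrincipalDetailsService, UserRepository userRepository) {
        this.userPrincipalDetailsService = userPrincipalDetailsService;
        this.userRepository = userRepository;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) {
        auth.authenticationProvider(authenticationProvider());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .cors()
                .and()
                // Stateless JWT API: no CSRF token, no HTTP session.
                .csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                .addFilter(new JwtAuthenticationFilter(authenticationManager()))
                .addFilter(new JwtAuthorizationFilter(authenticationManager(), this.userRepository))
                .authorizeRequests()
                .antMatchers("/login").permitAll()
                // Every other request is permitted as well; no route requires authentication here.
                .anyRequest().permitAll()
                .and()
                .headers().frameOptions().sameOrigin();
    }

    @Bean
    DaoAuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        daoAuthenticationProvider.setUserDetailsService(this.userPrincipalDetailsService);
        return daoAuthenticationProvider;
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        // Credentials together with a wildcard origin: Spring Framework 5.3 and
        // later reject this pairing at runtime; explicit origins are needed there.
        configuration.setAllowCredentials(true);
        configuration.setAllowedOrigins(Arrays.asList("*"));
        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
        configuration.setAllowedHeaders(Arrays.asList("*"));
        configuration.setExposedHeaders(Arrays.asList("Authorization", "x-auth-token"));
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }
}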

Upvotes: 0

Views: 6128

Answers (3)

Channaveer Chila

Reputation: 49

We are using gRPC APIs with envoyproxy.

Replace your server address with the domain name; don't use 192.xx.xx.122:443 (wrong):

    this.user_login_grpc = new QcfEmployeeDataClient('192.xx.xx.122:443');

Instead, use the domain name, for example (https://example.com); it resolved my issue.

    this.login_grpc = new userClient('https://backend-domain.com');

Upvotes: 0

mentamarindo

Reputation: 647

"when I serve angular with it at https://localhost:4200/"

Because you have to use an FQDN.

More info here: https://www.ssl.com/faqs/what-is-a-fully-qualified-domain-name/

Upvotes: 0

matel

Reputation: 485

  1. The issue which I had with ERR_CERT_COMMON_NAME_INVALID, I think, can be discarded, as this is only in a dev environment for localhost.

  2. The issue which I had with ERR_CERT_INVALID was that the Spring server had an incorrect keystore file generated: server.ssl.key-store=classpath:keystoref.p12

Upvotes: 0
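
The name check behind ERR_CERT_COMMON_NAME_INVALID, as an added example that is not part of any post above: a simplified JavaScript version of the match a browser makes between the host in the URL and the certificate's Subject Alternative Name entries. It shows why `localhost` and a bare IP address fail against a certificate issued for a domain name, the point made in the FQDN and gRPC answers. The certificate data and host names are constructed, `checkHost` and `dnsNameMatches` are hypothetical helper names, and only IPv4 literals are recognised.

```javascript
// Constructed sample certificate data (not the asker's certificate).
const sampleCert = {
  subjectCN: "shop.example",                       // not consulted, as in current browsers
  san: ["DNS:shop.example", "DNS:*.shop.example"], // names the CA validated
};

const isIPv4 = (h) => /^\d{1,3}(\.\d{1,3}){3}$/.test(h);

// Match one DNS SAN pattern against a host name. "*" is accepted only as the
// whole left-most label of a pattern with at least three labels, and it
// stands for exactly one non-empty label.
function dnsNameMatches(pattern, host) {
  const p = pattern.toLowerCase().split(".");
  const h = host.toLowerCase().replace(/\.$/, "").split(".");
  if (p.length !== h.length) return false;
  return p.every((label, i) =>
    (i === 0 && label === "*" && p.length > 2 && h[0] !== "") || label === h[i]);
}

// Returns { ok, reason }. Host names are compared with DNS entries only and
// IP literals with IP entries only.
function checkHost(cert, host) {
  const wanted = isIPv4(host) ? "IP" : "DNS";
  const entries = cert.san
    .map((e) => [e.slice(0, e.indexOf(":")), e.slice(e.indexOf(":") + 1)])
    .filter(([type]) => type === wanted)
    .map(([, value]) => value);
  const ok = wanted === "IP"
    ? entries.includes(host)
    : entries.some((pattern) => dnsNameMatches(pattern, host));
  return ok
    ? { ok, reason: "name covered by certificate" }
    : { ok, reason: `no ${wanted} entry in the certificate matches "${host}"` };
}

// Host part of each kind of URL that appears in the thread (values constructed).
for (const host of ["shop.example", "api.shop.example", "localhost", "192.0.2.10"]) {
  const { ok, reason } = checkHost(sampleCert, host);
  console.log(`${host.padEnd(18)} ${ok ? "OK  " : "FAIL"} ${reason}`);
}
```
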
