google-chrome - SSL Localhost 隐私错误

标签 google-chrome ssl localhost wamp self-signed

我在本地主机 (wamp) 上设置了 ssl,我用 GnuWIn32 制作了 ssl crt。

当我尝试在 Chrome 中使用 fb 登录时,我收到以下消息:

网址:

https://localhost/ServerSide/fb-callback.php?code=.....#_=_

错误:

Your connection is not private.
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_INVALID. localhost normally uses encryption to protect your information. When Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit localhost right now because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

我的 SSL 配置:

Listen 443    
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5    
SSLPassPhraseDialog  builtin    
SSLSessionCache        "shmcb:c:/wamp/www/ssl/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300    
<VirtualHost *:443>    
DocumentRoot "c:/wamp/www"
ServerName localhost:443
ServerAdmin admin@example.com
ErrorLog "c:/wamp/logs/error.log"
TransferLog "c:/wamp/logs/access.log"
SSLEngine on
SSLCertificateFile "c:/wamp/www/ssl/ia.crt"
SSLCertificateKeyFile "c:/wamp/www/ssl/ia.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/Apache24/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>    
BrowserMatch "MSIE [2-5]"  nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog "c:/wamp/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

我的问题是如何在本地主机上设置有效的 SSL 证书?还是我需要编辑我的配置?

最佳答案

允许不安全的 SSL(本地主机)

在 Chrome(包括 版本 113)中,启用允许不安全的本地主机:

chrome://flags/#allow-insecure-localhost

allow insecure localhost in chrome settings

引用this Stack Overflow获取更多信息。

允许不安全的 SSL(其他)

  1. 查看“您的连接不是私有(private)的。blah-bla-blah...
  2. 键入 thisisunsafe (关键听众将其拾起)

注意事项

如果您只是好奇这是否有效,请浏览 this site它有一个坏的根 ssl 证书。可以使用 badssl.com 找到其他“坏 ssl”站点.

More关于chromium "override keyword" :.

This is specific for each site.

The chrome developers also do change this periodically.

The current (v113) BYPASS_SEQUENCE is dGhpc2lzdW5zYWZl (which is base64 encoded).

关于google-chrome - SSL Localhost 隐私错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35565278/

上一篇:encryption - SSL 加密、SHA-1 和 SHA-2

下一篇:Django:检查模板的连接是否安全?

相关文章:

google-chrome - 如何使用 pywinauto 0.6 从 Chrome 获取当前 URL

google-chrome - 本地托管的 HTTPS 站点在 Chrome 中出现有关 websocket 的错误(使用 ParcelJS bundle 时)

java - PKIX 路径构建失败错误在 Oracle JDK 上仍然存在

java - 使用 JDBC 连接到 MySQL

css - CSS 网格中的 Chrome/Firefox 百分比高度差异

google-chrome - 有什么方法可以以 headless (headless)模式启动 Google Chrome 浏览器吗?

spring-boot - 无法加载资源:net::ERR_CERT_AUTHORITY_INVALID Angular 4

wordpress -/wp-admin/&/wp-login.php 重定向循环

https - Caddy - 在本地域上设置 HTTPS

java - 尝试通过 html 文件加载 java applet

©2024 IT工具网  联系我们