
Chrome (net::ERR_CERT_COMMON_NAME_INVALID) errors on SSL self-signed certificate

I'm trying to set up a site on localhost using a self-signed certificate for Express.js on Windows 10. Here is the Express.js server code.

index.js

const https = require('https')
const express = require('express')
const app = express()
const fs = require('fs')
const path = require('path')

const httpsOptions = {
    cert: fs.readFileSync(path.resolve(__dirname, 'ssl', 'ca.crt')),
    key: fs.readFileSync(path.resolve(__dirname, 'ssl', 'ca.key'))
}

const router = require('./router')

app.use('/people', router)

https.createServer(httpsOptions, app)
    .listen(3443)

I have also imported the certificate authority ca.crt file into Chrome and restarted Chrome, but I still get the error in Chrome.

Please guide me on how to solve this problem. Thanks.


I created the keys and certificate using the following commands.

# certificate authority key
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out ca.key

# server key
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out server.key

# certificate authority
openssl req -new -x509 -days 365 -key ca.key -subj "/CN=Test CA/O=Test Organization" -out ca.crt

# certificate signing request
openssl req -new -key server.key -subj "/CN=localhost/O=Test Organization" -out server.csr

# server certificate
openssl x509 -days 365 -req -in server.csr -CAcreateserial -CA ca.crt -CAkey ca.key -out server.crt

# verification
openssl verify -verbose -CAfile ca.crt server.crt

System Info

  • OpenSSL: 1.1.0e 16 Feb 2017
  • Node: 7.7.1
  • Windows 10
asked Mar 15 '17 17:03
Artisan


1 Answer

Spent a couple of hours trying to fix this. The following way worked for me:

Create a config file (for example req.cnf)

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no

[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
OU = MyDivision
CN = local.com

[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = local.com
IP.1 = 127.0.0.1

and then generate a certificate and private key

 openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout local.com.key -out local.com.crt -config req.cnf -sha256
answered Sep 29 '22 03:09
Alex Vasilev
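
An added example (not part of the original question or answer): the question's CA-signed flow with a subjectAltName put on the leaf through `-extfile`, plus a check that the extension is really present. The file names, the `server.ext` contents and the `localhost`/`127.0.0.1` entries are assumptions; the Express server would then load `server.crt` and `server.key`, with only `ca.crt` imported into the browser.

```shell
#!/bin/sh
# Added example. File names and SAN entries (localhost, 127.0.0.1) are assumptions.

# make_localhost_cert DIR: create a test CA and a CA-signed leaf for localhost in DIR.
make_localhost_cert() {
    d="$1"
    # CA key and self-signed CA certificate (subject as in the question)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$d/ca.key" 2>/dev/null || return 1
    openssl req -new -x509 -days 365 -key "$d/ca.key" \
        -subj "/CN=Test CA/O=Test Organization" -out "$d/ca.crt" || return 1
    # Server key and CSR
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$d/server.key" 2>/dev/null || return 1
    openssl req -new -key "$d/server.key" \
        -subj "/CN=localhost/O=Test Organization" -out "$d/server.csr" || return 1
    # Extensions for the leaf; without -extfile the signed certificate has no SAN
    cat > "$d/server.ext" <<'EOF'
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:localhost, IP:127.0.0.1
EOF
    openssl x509 -req -days 365 -sha256 -in "$d/server.csr" \
        -CA "$d/ca.crt" -CAkey "$d/ca.key" -CAcreateserial \
        -extfile "$d/server.ext" -out "$d/server.crt" 2>/dev/null || return 1
    # The chain must verify against the CA that gets imported into the browser
    openssl verify -CAfile "$d/ca.crt" "$d/server.crt" >/dev/null
}

# has_san CERT ENTRY: succeed only if CERT lists ENTRY (e.g. "DNS:localhost")
# in its subjectAltName extension, as printed by `openssl x509 -text`.
has_san() {
    openssl x509 -in "$1" -noout -text \
        | grep -A1 'Subject Alternative Name' \
        | tr ',' '\n' | sed 's/^ *//' | grep -qxF "$2"
}

# Run as: sh make-cert.sh ./ssl
if [ -n "${1:-}" ]; then
    mkdir -p "$1" && make_localhost_cert "$1" || exit 1
    has_san "$1/server.crt" "DNS:localhost" && echo "server.crt covers localhost"
    has_san "$1/ca.crt" "DNS:localhost" || echo "ca.crt has no SAN for localhost"
fi
```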