Your connection is not private NET::ERR_CERT_COMMON_NAME_INVALID

Question

I am facing strange issue on chrome while debugging local ASP.NET application on chrome. I am not able to open localhost without https. With Https it's giving error: Your connection is not private NET::ERR_CERT_COMMON_NAME_INVALID.

It was working on chrome till last update & is working on firefox & IE. There is also no option in advanced setting to skip error & visit site.

Please help.

Answer 1

Finally banging head on desk for two days I found this setting in chrome://flags/ to Allow invalid certificates for resources loaded from localhost. finally no disable all certificate error, only for localhost. Adding answer for someone struggling with same issue.

Answer 2

You can copy this tag and add to Google Chrome shortcut to bypass this warning permanently.

--ignore-certificate-errors

Source:

 https://usefulpcguide.com/16666/your-connection-is-not-private/

Answer 3

I ran into this error and my problem turned out to be Charles (it's a web debugging proxying app). I needed to install a SSL Proxy Certificate for Charles.

1. Go to Help menu
2. SSL Proxying -> Install Charles Root Certificate
3. Open Keychain Access and enable/allow it

If you don't use Charles then obviously this answer doesn't help you at all.

Answer 4

Disable SSL Error warnings is just a temporary method to bypass the SSL connection error. You can’t fix this problem permanently. If you have installed antivirus software that provides “HTTPS protection” or , you will see this error. So you turn off Your Firewall or Antivirus software.

Source: https://windows10freeapps.com/fix-your-connection-is-not-private-error-google-chrome/

Answer 5

I had similar problem when I tried to use my self signed certificate and run my xhtml app in browser under https and with tomcat. What I did:

1. in java's RE dir (usually Program Files\Java\jre1.8.0_202\bin) there is keytool and in command line I used this:

   keytool -genkey -alias example -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -validity 3650 -keystore "C:\yourdir\yourkeystore.jks" -ext san=dns:localhost,dns:yourdesktophostname,ip:127.0.0.1,ip:::1
   

Answer questions to create certificate which is created for 10 years, SHA-2 and what Chrome needs more: san(SubjectAlternateName).

2. I added below lines to tomcat's server.xml (usually Program Files\Apacha Software...\conf:

   <Connector port="yourportnumber" protocol="org.apache.coyote.http11.Http11NioProtocol"
                  maxThreads="150" SSLEnabled="true"
                  compression="on" scheme="https" secure="true"
                  keystoreFile="conf/yourkeystore.jks"
                  keystorePass="yourpassword"
                  SSLVerifyClient="none" SSLProtocol="TLSv1.2"/>
   

   Restart Tomcat.

3. Open the localhost address in Chrome browser (https:\localhost:yourport). It will tell "Not secure" at left side of address line and https crossed out

   
   Click on it and in that window press on certificate (invalid). It opens the certificate window and press on Details tab and press on copy to file button. Create crt file as instructed.

4. Open up Chrome Settings > Show advanced settings > HTTPS/SSL > Manage Certificates. Select Trusted Roots tab and import the crt file here. Edit this certificate and mark all check boxes.

Restart Chrome