NET::ERR_CERT_AUTHORITY_INVALID on Chrome
I have generated self signed certificate for my server. After importing root CA cert to my browser, I was trying to access my website via Chrome, I am however getting "NET::ERR_CERT_AUTHORITY_INVALID" error. Is there a way to 'debug' Chrome's certs procedure so that I could find out what I am doing wrong when generating the cert ?
The error is very vague and makes me run in circles tweaking portions of the script I wrote to make it work ... without luck.
Here is the script (I have changed certs subject details for security purposes ;-) )
echo "Removing existing files ..." rm root* rm server* rm v3* echo "Step 1" printf " authorityKeyIdentifier=keyid,issuer\n basicConstraints=CA:FALSE\n keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment\n subjectAltName = @alt_names\n\n [alt_names]\n IP.1 = "$1 > v3.ext echo "Step 2" openssl genrsa -out rootCA.key 2048 echo "Step 3" openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem -subj "/C=US/ST=PA/L=Pittsburgh/O=TestTest/OU=TestTest/CN=www.test.com" echo "Step 4" openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -subj "/C=US/ST=PA/L=Pittsburgh/O=ServerCert/OU=ServerCert/CN=$1" echo "Step 5" openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key - CAcreateserial -out server.pem -days 500 -sha256 -extfile v3.ext
IE uses the same repository for root certificates as Chrome, but it does validate my cert successfully.