Ubuntu – How to get Chrome accepting self signed certificates

google-chromehttpsopensslsslUbuntu

I have a local REST-API service based on node/express and MongoDB.

I am planning to switch over from http to https.

The Clients are running on Windows Server 2012 R2 (Terminal-Server).

The REST-API is hosted via Docker on Ubuntu 16.04 LTS Server.

I know:

  • I have to create a self signed certificate by using openSSL on the server hosting the API
  • Browsers have problems accepting self signed certificates

My Question:

  • Is it possible that Clients (Chrome) will accept the HTTPS connection using a self signed certificate?

Best Answer

Is it possible that Clients (Chrome) will accept the HTTPS connection using a self signed certificate?

Yes. You need to import the certificate into Chrome (after exporting it to a file, if you have not done that yet). You can import certificates in the certificate dialog, which you can reach via Settings / Advanced / Manage Certificates.

Some caveats:

  • Since Chrome 58, the self-signed certificate must have the right domain name in the Subject Alternative Name (SAN) field.
  • After importing the certificate, you need to restart Chrome.

For details, see for example this question on StackOverflow:

Getting Chrome to accept self-signed localhost certificate