Linux Chrome and Self-Signed SSL Certificates

I use an OpenSSL certificate for a private ColdFusion app that I use for a link management and calendar app. For months I've been trying to get Google Chrome for Linux to recognize the certificate and remember it between sessions. I followed the instructions here but couldn't get it to stick.

I chanced upon the solution when it became time to re-generate the SSL certificate, which I do annually. It turns out that Chrome expects the Organization Name, Organizational Unit Name and Common Name to be the same as the fully qualified domain name, in my case, www.linkstart.com.

Here then are the instructions to create a self-signed certificate and get Chrome to permanently recognize it. I'm assuming the SSL module has already been set up in Apache.

On the server:

cd /etc/apache2

Substitute the .key and .crt file names as you require in the following:

sudo openssl req -config openssl.conf -new -pubkey -keyout linkstart.key -out linkstart.crt -x509 -nodes -days 365

When prompted, set these as per your site - remember to use the full website address for the Organization Name, Organizational Unit Name and Common Name:

  • Country Name (2 letter code) [AU]:CA
  • State or Province Name (full name) [Some-State]:ON
  • Locality Name (eg, city) []:Richmond Hill
  • Organization Name (eg, company) [Internet Widgits Pty Ltd]:www.linkstart.com
  • Organizational Unit Name (eg, section) []:www.linkstart.com
  • Common Name (eg, YOUR name) []:www.linkstart.com
  • Email Address []:oliverm@linkstart.com


To enable this cert in Google Chrome, do this on the client:

Go to the URL of your site, e.g. https://www.linkstart.com/

Get Certificate Information by clicking on the https part of the URL

Export the certificate to the Desktop as Base64-encoded ASCII, single certificate

cd Desktop

sudo certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n www.linkstart.com -i www.linkstart.com

certutil -d sql:$HOME/.pki/nssdb -L

This should show: www.linkstart.com             C,,

Re-start Google Chrome
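
The steps above as a script, added here as an example and not the author's own code: it answers the openssl prompts through -subj, checks that O, OU and CN all equal the host name, and imports the exported file only if its SHA-256 fingerprint matches the certificate generated on the server. The function names and the 2048-bit RSA key are assumptions, and it relies on OpenSSL's default configuration rather than the openssl.conf referenced above.

```shell
#!/bin/sh
# Added example. Function names and the 2048-bit RSA key are assumptions.

# make_cert HOST DIR: self-signed cert with O, OU and CN all set to HOST,
# the same answers typed at the prompts above, supplied through -subj.
make_cert() {
    openssl req -new -x509 -nodes -days 365 -newkey rsa:2048 \
        -subj "/C=CA/ST=ON/L=Richmond Hill/O=$1/OU=$1/CN=$1" \
        -keyout "$2/$1.key" -out "$2/$1.crt" 2>/dev/null
}

# cert_fp FILE: SHA-256 fingerprint of a PEM certificate.
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# subject_ok FILE HOST: succeed only if O, OU and CN all equal HOST.
subject_ok() {
    subj=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 |
        sed 's/^subject= *//')
    for field in O OU CN; do
        case ",$subj," in
            *",$field=$2,"*) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# trust_cert EXPORTED SERVER_CRT HOST: import the browser-exported file into
# the per-user NSS database only if it is the certificate generated on the
# server (same fingerprint) and carries the expected subject.
trust_cert() {
    fp=$(cert_fp "$1")
    [ -n "$fp" ] && [ "$fp" = "$(cert_fp "$2")" ] ||
        { echo "fingerprint mismatch, not importing" >&2; return 1; }
    subject_ok "$1" "$3" ||
        { echo "subject mismatch, not importing" >&2; return 1; }
    certutil -d "sql:$HOME/.pki/nssdb" -A -t "C,," -n "$3" -i "$1"
}

# Usage (server copy fetched over a trusted channel such as scp):
#   trust_cert ~/Desktop/www.linkstart.com ./linkstart.crt www.linkstart.com
```

Comparing fingerprints before the import matters because the certutil step marks whatever file it is given as trusted, including a certificate substituted on the network path during the first visit.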
