Google Chrom doesn't go to a website with an unsigned certificate



  • To develop a web-based file, google-analytics.com But when you try to find him, the browser swears that the certificate is not signed. And he doesn't offer a button like "Go anyway." It seemed like a button before. I don't know how to turn off this alert and let me, after all, on my fear and risk, as they say, on the website.

    Apparently, in the new version of Chrome, the button was removed, but I've never found a solution after a long run on the Internet.

    Safari, for example, lets. введите сюда описание изображения



  • It works. HSTS (sighs) https://ru.wikipedia.org/wiki/HSTS ) He is. Mandatory Make access to the site through a verified safe connection without trusting the user.

    https://code.google.com/p/chromium/codesearch#chromium/src/net/http/transport_security_state_static.json&l=320 , like a white list of domains for which HSTS operates on the initiative BrowserNot a server.

    Having control of their own system, self-signed self-sustaining can be generating. Certificate Authority (CA) Install it into the system[1]and then, on its basis, corroborate your own certificate for the dominance you need (assigned to the Common Name in the generation) and issue it to the web server. Then a browser seeking validation in the system certificate repository would consider the connection to that server to be trusted.

    But keep the sgenerated keys safe, because your system certainly trusts them. If they get a malicious man, he can make your system believe almost anything.


    • [1] Or use it. Firefoxwho uses his own certificate pack, not systemic. In this case, the CA is sufficient to establish only Firefox and the rest of the CA certificate system will not be believed. Okay, I guess it's safer.
      https://www.chromium.org/Home/chromium-security/root-ca-policy ♪ I can't teach him.



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2