How to deal with a self-signed certificate in Chrome Apps?

I'm developing a Chrome App, which connects to the server over SSL. Of course, the certificate is self-signed.

In the Chrome browser, it's not a problem because Chrome opens a security warning page. If the user chooses to continue to the website, it goes on to the remote page. However, in Chrome Apps, it doesn't show such a warning page asking the user whether to go on or not. Instead, a connection error is thrown in the console.

To work around this problem, the user has to connect to the page in the browser once and accept the certificate, and then he/she can proceed in the Chrome App.

I'm wondering how to deal with this issue in the Chrome Apps directly?

There are 2 best solutions below

0
On

http://www.startssl.com/?app=1 provides free SSL certificates. Try having your customers get one of those instead of training your users to accept insecure connections. Or put the insecure connection over http:, which declares the intention to be insecure.

0
On

If the server uses a self-signed certificate then there's nothing you can do. There are two other ways though, which require server-side certificate changes, and depending on those changes the user may or may not have to change some settings in the browser:

  1. Update the server with a Trusted CA issued certificate. This does not require the user to change any settings. Examples of trusted CAs are GoDaddy, VeriSign, etc. You can check the list of Trusted CAs in chrome://settings -> HTTPS/SSL -> Manage certificates -> Trusted Root Certificate Authorities.

  2. Update the server with a certificate issued by any other CA. Then provide a way for the user to download the certificate, and the user then has to install/import it on his/her system/PC. Once the certificate is installed or imported, you can check chrome://settings -> HTTPS/SSL -> Manage certificates -> Trusted Root Certificate Authorities to confirm that it's installed into the "Trusted Root certificates" folder. Only if the certificate is imported into this folder will there be no errors in the console for SSL connections.

Of course, if you do not want to do all this, then there is the workaround you mentioned: tell the user to connect to the page in the browser once and accept the certificate, and then he/she can proceed in the Chrome App.
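
Option 2 from the answer above, sketched with the `openssl` command line as an added example (it is not part of the original answer): a private root CA signs the server certificate, and only the root is distributed for import. The hostname `app.example.internal` and the CA subject name are constructed placeholders.

```bash
#!/usr/bin/env bash
# Added example: private root CA plus a server certificate signed by it.
# HOST and the CA subject are constructed placeholders, not values from the page.
set -eu

HOST="app.example.internal"

# Writes ca.key/ca.crt (root) and server.key/server.crt (leaf for $HOST) into $1.
make_private_ca_and_leaf() {
  dir="$1"
  # Root CA. Only ca.crt is handed to users for import; ca.key stays offline,
  # because whoever holds it can issue certificates those machines will trust.
  openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
    -subj "/CN=Example Private Root CA" \
    -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null
  # Server key and signing request.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$HOST" \
    -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null
  # Leaf extensions. Chrome matches the hostname against subjectAltName,
  # so a certificate carrying only a CN is rejected even when the CA is trusted.
  printf '%s\n' "basicConstraints=CA:FALSE" "subjectAltName=DNS:$HOST" \
    "extendedKeyUsage=serverAuth" > "$dir/leaf.ext"
  openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 365 -sha256 -extfile "$dir/leaf.ext" \
    -out "$dir/server.crt" 2>/dev/null
}

# Exit status 0 only if certificate $2 chains to the trust anchor in $1.
chains_to() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

work="$(mktemp -d)"
make_private_ca_and_leaf "$work"
if chains_to "$work/ca.crt" "$work/server.crt"; then
  echo "server.crt validates once ca.crt is a trusted root"
fi
rm -rf "$work"
```

The server is then configured with `server.crt` and `server.key`, and `ca.crt` is the file users import into the Trusted Root store.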