I am working on a web application product that is to be distributed to several clients. Now everything was fine as long as customers used localhost but when they used the server IP to access web application's password page, Chrome and other browsers started showing "Not secure" on the title. I know about self signing but I am sure that it is not the possible solution for web product where every user will have to create signing authority and setup the signature or at lease create signing authority.
Web application product shows "Not secure" warning on browsers
64 Views Asked by Harsh Shankar At
1
There are 1 best solutions below
Related Questions in WEB-APPLICATIONS
- Azure Web App PATH Variable Modification
- How To Update a Web Application In Azure and Keep The App Up the whole time
- Developing a search and tag heavy website
- How do you include a HTML file in c
- Is it recommended to use Node.js for an online room booking web application?
- programmatically uninstall other application without asking user
- Fail to locate j_spring_security_check in Spring Security
- Configuring Web Applications for iOS
- Change Javascript Variables Using <input>
- how do you use angularJs to produce a functioning webapp?
- NoClassDefFound error in web application deployed on Tomcat
- Replying to a request in ruby on rails (Server side)
- Exclude one role in web.xml
- LDAP connection only works on localhost
- Displaying statistics collected by Moskito-central
Related Questions in HTTPS
- HTTP to HTTPS mapping using proxy servers
- How to fix WordPress HTTPS issues when behind an Amazon Load Balancer?
- KeyStore file is not found in jar, although present in jar
- How do I accept a self-signed SSL certificate using iOS 7's NSURLSession
- HSTS: Should I force user to use HTTPS on load balance or web server?
- squid sslbump works with private connection warning
- javax.net.ssl.SSLPeerUnverifiedException: Hostname not verified:
- https post request using httpClient and cert.em
- Added SSL certificate to website, everything runs fine except if someone types https://example.com
- Using HTTPS or encrypt response myself
- redirect https to http for content filtering
- iOS9 ATS: what about HTML5 based apps?
- How to pass https url to a class' constructor that requires URL object as parameter in Java?
- Cannot Read XML file from https:// site
- Problems connecting via HTTPS/SSL through own Java client
Related Questions in LOCALHOST
- auDIO_OUTPUT_FLAG_FAST denied by client can't connect to localhost
- Connect to localhost:3000 from another computer | expressjs, nodejs
- How do you run a javascript outside of the localhost directory with requirejs?
- error in python mysql where clause
- To connect to Remote Desktop connection via local system
- Joomla password reset not working
- multiple submit button in python
- Angular's $cookies only work on 'localhost'
- Why can't I connect to a local server using phantomjs / casperjs
- Connecting to localhost:8080 using Google Chrome
- Fetching data from local mysql using angular not working
- Vagrant localhost issue
- YouTube IFrame API - Untrusted Origin: Null
- R rvest connect with local host
- Unable to connect to localhost Apache Ubuntu
Related Questions in WEBSECURITY
- Asp.Net Mvc4 WebSecurity How to activate or deactivate a user account
- Is PHPIDS enough for securing my website?
- JS posts data with special characters in the request payload to service layer, do we need to escape?
- Helmet Content Security Policy Global Path not working
- Do these .env GET requests from localhost indicate an attack?
- Why is hard coding username password security threat in php?
- How to make a self running file?
- Private authentication algorithm - web security
- get 403 forbiden when do ajax call on submit event in codeigniter 4
- What are recommended / minimum parameters for hashlib.scrypt?
- SSL, how to forward the link of to website to SSL included version?
- How does HttpOnly cookie protect against XSS/Injection attack if they are passed automatically with every request?
- How do I find malware in my Wordpress Directory?
- How to disable same origin policy Internet Explorer
- Do browsers really block external content?
Related Questions in SECURITY-WARNING
- Security Warning in signed applet
- Is it possible to suppress MS Access "Security Warning" prompt without signing the project?
- Using a Loadbalancer ssl terminated, how to generate links and other urls with https
- How to force user to deal with the Security Warning when starting Access 2007?
- Windows Security Message when opening file
- ionic/cordova openFB Facebook Login not working (SECURITY WARNING) on android device
- Avoid Windows security warning
- Can I prevent digital signature warning when I start a java application from command line?
- This webpage contains content that will not be delivered using a secure HTTPS connection, although the server only provides a HTTPS connection
- IE Security Warning with widgets
- How to programmatically disable security warning in Internet Explorer (8)?
- What does the Java Applet security warning "JAR file manifest does not contain the Permissions attribute"mean?
- Java applet: Caller-Allowable-Codebase does not work
- how to get rid of security message box from gecko webbrowser
- Web application product shows "Not secure" warning on browsers
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
If the server certificate is self-signed is not responsibility of the user to create anything. The server must be configured to use a CA signed certificate that the browser will be able to verify it's identity.
Browsers pre-trust many known CA root certificates. If your web application has a server certificate signed by a known CA, the user will not receive any errors in the browser, since it will be able to verify the application's own identity.
There are plenty of resources online explaining how to create a CSR and get it signed by a CA (it may involve extra costs).