Post Reply
RasJam
Posts: 1
Joined: Sat Feb 11, 2017 2:08 am

Chrome: Your connection is not private (ERR_CERT_AUTHORITY_INVALID )

Sat Dec 15, 2018 5:18 am

Hello Everyone.
I have recently got back to work on my Raspberry Pi web server which now hosts a small site. I've used No-IP as a dynamic dns service to view my site outside of my home network but when I visit the site (jameswebserver.hopto.org) an error comes up on both chrome and safari stating that my connection is not private (Chrome Error Code: ERR_CERT_AUTHORITY_INVALID). I'm assuming this has something to do with missing an SSL certificate, although I've not seen this covered in tutorials or the forums before. I was wondering I there's a way of getting around this error.
Thanks
bzt
Posts: 564
Joined: Sat Oct 14, 2017 9:57 pm

Re: Chrome: Your connection is not private (ERR_CERT_AUTHORITY_INVALID )

Sat Dec 15, 2018 6:53 pm

Hi,

Unfortunately no. There used to be a workaround (--ignore-certifitace-errors), but it was removed from chrome.

You should create a certificate request for your domain name, have it signed by one of the CAs who's root certificate is installed in the browsers (you have to pay for it), then as a last step, set up the signed cert in your webserver on the Raspberry Pi.

About listing the available CAs in your chrome, read this. I suppose Safari has a similar list. Here's the offical root CA doc for chrome, but it falsely states that there's no central CA list on Linux. There is, in the directory /etc/ssl/certs.

About generating a certificate request, you'll need OpenSSL, and I suggest to read this and this and this.

Cheers,
bzt

EDIT: just popped into my mind, ask your DNS provider, maybe they have a common public cert with the CN "*.hopto.org" which you can download and install in your webserver (not likely, but worth a shot).
pfletch101
Posts: 624
Joined: Sat Feb 24, 2018 4:09 am
Location: Buffalo, NY, USA

Re: Chrome: Your connection is not private (ERR_CERT_AUTHORITY_INVALID )

Sat Dec 15, 2018 10:42 pm

Another possibility, costing some time and effort but no cash, would be to obtain and install a Certificate from LetsEncrypt (https://letsencrypt.org).
bzt
Posts: 564
Joined: Sat Oct 14, 2017 9:57 pm

Re: Chrome: Your connection is not private (ERR_CERT_AUTHORITY_INVALID )

Sun Dec 16, 2018 11:50 am

pfletch101 wrote:
Sat Dec 15, 2018 10:42 pm
 Another possibility, costing some time and effort but no cash, would be to obtain and install a Certificate from LetsEncrypt (https://letsencrypt.org).
Yeah, good advice! As long as Let's Encrypt's root CA is listed in your browser, you can use that too, it will work.

Cheers,
bzt
Post Reply

Return to “Networking and servers”