Question
Tuesday, May 2, 2017 5:00 PM | 2 votes
Three people on my team have the same problem happening starting last week. We are unable to debug local websites. It worked before just fine. I see postings about Chrome deprecating: https://www.chromestatus.com/features/4981025180483584
All new/existing HTTPS web sites made in VS 2015 or 2017 give a certificate error in Chrome.
To reproduce
Latest updated version of 2015 or 2017
New VS Project, Web, MVC Pattern
Enable HTTPS
Run under Chrome
Result:
Your connection is not private
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is localhost; its security certificate is from [missing_subjectAltName]. This may be caused by a misconfiguration or an attacker intercepting your connection. Learn more.
What are the steps to fix this on a Windows 10 Pro machine?
All replies (5)
Thursday, May 4, 2017 1:09 PM | 1 vote
Hello,
You have likely already figured this out, but I believe that your issue is related to Chrome removing support for commonName matching in certificates.
https://developers.google.com/web/updates/2017/03/chrome-58-deprecations
If you can't fix the cert, there is a workaround:
"Note: Enterprises that need to support such certificates for internal purposes may set the EnableCommonNameFallbackForLocalAnchors Enterprise policy."
They noted that this will impact < 1% of users. I also happen to have been one of them.
Thursday, May 4, 2017 8:27 PM
Yes, it is related to Chrome removing support.
The problem is that it will now happen to ALL Visual Studio users who make a web project, unless IISExpress and VS change how they issue developer certificates.
So Microsoft needs to address this by changing the certs it creates, not force every developer to do a workaround for Chrome and Firefox.
The EnableCommonNameFallbackForLocalAnchors does not seem to do the trick under HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER.
Anyone else solved this?
Friday, May 5, 2017 10:05 AM
Hi Mike,
Thank you for your update.
It looks like Chrome recently made this change, “Remove support for commonName matching in certificates”, and it is third-party software; maybe Microsoft has not adjusted to this modification yet.
I have reported this issue to the VS Product Team; please check this: VS 2017: All new/existing HTTPS web sites give a certificate error in Chrome. You can vote for it and add your comments; then we need to wait for a response from the VS Product Team engineers.
Sorry for the inconvenience and thank you for your understanding. In the meantime, you can consider using the workaround to solve this issue, so you can keep moving forward with your development.
Best regards,
Sara
MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
Friday, May 5, 2017 3:30 PM | 2 votes
If you are getting this error when accessing a specific website, you may try to import that SSL certificate as a trusted certificate. As a result, this error will no longer annoy you.
I would recommend checking antivirus, especially Avast, as it has an SSL scanning feature, which will sometimes block SSL connections on your computer and lead to this error. So, turn off your antivirus or even Windows Firewall to verify the scope of this error.
The date and time of your computer are also something you should check again!
Thursday, May 9, 2019 5:23 AM
Hey, just figured this out. Key this into the address bar in Chrome and then select Enabled:
chrome://flags/#allow-insecure-localhost
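
Added example, not part of the thread: Chrome's `[missing_subjectAltName]` message means the certificate names the host only in its subject CN, so the PowerShell below checks certificates for a DNS subjectAltName entry and creates one that has it. `Test-CertHasDnsSan`, the certificate store locations and the friendly name are assumptions of this example, as is the English "DNS Name=" label in the formatted extension.

```powershell
# Added example (not from the thread). Test-CertHasDnsSan is a hypothetical helper name.
function Test-CertHasDnsSan {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate,
        [Parameter(Mandatory)]
        [string] $HostName
    )
    # 2.5.29.17 is the OID of the subjectAltName extension.
    $san = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if (-not $san) { return $false }   # CN-only certificate: Chrome 58+ rejects it

    # Format($true) prints one entry per line; on English Windows a DNS entry
    # reads "DNS Name=localhost" (assumption: the label is localized elsewhere).
    $dnsNames = $san.Format($true) -split "`r?`n" | ForEach-Object {
        if ($_ -match '^\s*DNS Name=(.+)$') { $Matches[1].Trim() }
    }
    return ($dnsNames -contains $HostName)
}

# 1. Audit: which CN=localhost certificates in the machine store lack a SAN?
#    (Assumption: the development certificate lives in LocalMachine\My.)
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq 'CN=localhost' } |
    Select-Object Thumbprint, NotAfter,
        @{ Name = 'HasLocalhostSan'; Expression = { Test-CertHasDnsSan $_ 'localhost' } }

# 2. Create a certificate whose SAN carries the host name. -DnsName populates
#    the subjectAltName extension and uses the first name as the subject.
$new = New-SelfSignedCertificate -DnsName 'localhost' `
    -CertStoreLocation 'Cert:\CurrentUser\My' `
    -FriendlyName 'localhost dev cert with SAN (example)' `
    -NotAfter (Get-Date).AddYears(1)

# 3. Verify the result before binding it to the site: expected output is True.
Test-CertHasDnsSan -Certificate $new -HostName 'localhost'
```

Binding the new certificate to the local site and adding it to a trusted root store are separate steps that this example does not perform; a self-signed certificate with a correct SAN still produces a trust warning until it is trusted.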