I've just started using homestead to try and do some laravel development on my windows machine (normally I work with valet on mac which does all this for you) and it looks like when I start a new homestead box (using "vagrant up") it automatically sets up ssl? And chrome is freaking out when trying to connect to the website because the certificate is invalid.
I'm not sure how to get around this problem, how can I prevent the homestead box from trying to use ssl out of the box? Or get chrome to accept the cert that it's trying to provide?
I've tried downloading the certificate (crt file from /etc/nginx/ssl on the box) and installing it on my machine and then restarting chrome but I get the same error.
As #brianforan has pointed out in his comment, Google has decided for their own reasons that the latest versions of Chrome will no longer support development under the top level domain of ".dev". Chrome will assume that any .dev domain is automatically meant to run under SSL, and will redirect to SSL.
Use an alternate TLD for your site - I have a preference for .local or .localhost myself, but it's entirely up to you.
Related
Recently i have re-installed my GitLab application on my Linux system. When i tried to access my GitLab application link (https://gitlab.domain.com) on Windows system's Firefox browser i am getting below error.
Since the certificate generated freshly it was conflicting with existing/previous certificate, So i have followed this Link workaround. However even after system reboot also same error occurring, I can't access my GitLab application on Firefox browser.
I'm able to access it on Chrome browser without any problem.
Please let me know still where i need to clear the old certificate to make it work on firefox?
That seems to be the same error as in issue 435013 reported 13 years ago (and still open), where Firefox has an issue with routers and NSS (Network Security Services) (error -8054)
As I understand it, and from the discussion on #312732 which is the underlying issue, the problem is that the crypto uses the cert ID as a unique key in a database.
When a dupe is encountered, you can't have two primary keys in a database, so it just dies with a fatal error, hence FireFox gives up connecting to the site and passes on the fatal error to be presented.
This is not a "fundamental NSS design issue", it's a political issue, Firefox is ACTIVELY refusing to let people access their network equipment.
Check also the firmware of your router:
It seems to me that it is VERY EASY for the server-side products that
generate these certificates to more-or-less fix the problem in updated
firmware with very little effort. Even simply randomizing the serial numbers
in the certs, they would nearly completely eliminate the problem, AFAICT. In
fact, it is worth making sure that the affected server-side hardware has
up-to-date firmware, because some vendors might have already fixed it on
their end already.
Possible workaround (which would work even after FF restart)
This is hardly any fix, but I installed a new Mozilla from scratch on a VM under Virtualbox.
I than browsed to all my local systems I was getting this error. On connecting from the new Window3s sytem running on VM to each local IP, I received the warning, and created the exception.
I than went in to Preferences>Advanced, and Exported all the certificates to a share on one of my NAS units.
I proceeded back to the broken Mozilla running on my Mac OS X 10.11.1, and I Imported all the certificates.
I then restarted FF, and connected to each device I was getting the error on, and I received the "This is an untrusted connection, Get me out of here, or would you like to create an exception." YES!!
I created the exception, and finally I could get to my firewalls, and all other local devices.
Other workaround:
Run: firefox --no-remote --ProfileManager
Create a new profile there.
Open a new instance of Firefox using the new profile. To run Firefox with the profile you can use the command from 1. or: firefox --no-remote -P profile_name
Do the actions there as if it was a separate installation of Firefox
I'm using OSX and I have been using AMPPS for my local development environment. Everything was peachy then all of
This site can’t be reached
This site on the company, organization or school intranet has the same URL as an external website.
Try contacting your system administrator.
ERR_ICANN_NAME_COLLISION
I've tried to automatic proxy config in network preferences, restarting my computer, restarting chrome etc.
Turns out .dev is top level domain and purchased by google so can't be used even locally...:\
I installed a Microsoft Navision Demo Server on my machine recently for testing/research purposes. When trying to work on one of my websites I noticed that when I browse to http://localhost/ ; this welcome page is being shown, does anyone know how to remove it? I have removed all Sites in IIS Manager but that hasn't helped. When I browse to 127.0.0.1 I get to see my own website that I am working on though.
Deleting the sites from IIS Manager actually did do the trick. It was a matter of clearing the cached localhost website from my browser.
We're having a problem here that a few hours on Google would suggest is very common but mostly unresolved.
Since upgrading to Windows 8.1, no Microsoft product can connect to any site via a secure channel, specifically TLS channels.
Internet Explorer 11 can connect to http web sites (e.g. msn), but will not connect to any https web sites (e.g. login.live.com, google). Attempting to connect to an https site results in 'This page cannot be displayed'. Other browsers, for example Firefox and Chrome, can connect to https web sites perfectly well.
On its own that wouldn't be an issue, we could just use Firefox (which is our default browser anyway), however every single Microsoft product uses the same settings and transports as Internet Explorer, and so none of those can connect to secure sites either.
This means that Windows Update won't work, and that we cannot register any Microsoft software (e.g. Office, Visual Studio, etc). Attempting to do so results in 'A communication error has occurred.'
Sometimes it gives an error code, for example attempting to activate Office gives 'A communication error has occured. Please verify that you have connectivity to the Internet and try again (0x80072F8F).
Googling that code suggests checking the BIOS date and time (we did, all correct) and resetting Internet settings (we did, to no avail).
We had the same problem crop up on Windows 7 after a Windows Update, which we fixed by going into Internet Options and disabling TLS 1.0 and re-registering some DLLs, however that hasn't fixed the issue here.
Other things we've tried are:-
Disabling SPDY/3
Disabling SSL 2.0
Every combination of enabled and disabled TLS 1.0, 1.1 and 1.2
Disabling Enhanced Protected Mode
Clearing SSL state
Uninstalling Internet Explorer 11
As I mentioned at the start, this only affects Microsoft products, anything from other companies or anything we write ourselves works perfectly, which would suggest there's some specific settings or code that Microsoft use that is the root of the issue.
Anyone else had this and managed to solve it?
I had this same problem with IE and this is what fixed it for me.
You should open a Command Prompt as Administrator and run the following commands:
regsvr32 Softpub.dll /s
regsvr32 Initpki.dll /s
regsvr32 Wintrust.dll /s
regsvr32 Mssip32.dll /s
Restart your computer and try accessing the HTTPS sites again with IE. These commands re-register the Dynamic-link library files which are called when you connect to an HTTPS site using Windows programs.
Here is the Windows support page which had this info:
https://support.microsoft.com/en-us/help/813444/you-cannot-log-in-to-or-connect-to-secured-web-sites-in-internet-explo
I had this same problem with trying to access domains in Powershell over HTTPS, but Google Chrome could access the HTTPS sites just fine on the same machine, so I knew it was a Windows-system issue and not a networking issue.
Hope this helps. Good luck!
I've installed a wildcard SSL certificate for two subdomains that I'm working on for an organization. This is the first time I've worked with wildcard certificates, and I missed installing the intermediate certificate when I first set this up, which resulted in certificate revocation messages when I first tried to load them. I've reloaded the certificates correctly, and both subdomains check out now using http://www.sslshopper.com/ssl-checker.html.
The sites appear to load fine everywhere except on the two machines (Mac Laptop & Vista Desktop) that I use to develop on, where they're still showing revoked. I've tried to refresh my local CRLs using the following commands:
certutil -setreg chain\ChainCacheResyncFiletime #now (Vista)
and
crlrefresh r p (mac)
I've restarted both computers and cleared browser caches but am still not able to access. How can I get my local machines to forget that the certificate was initially revoked?
I needed to ask the organization I'm working with to regenerate the certificate. I installed that one and everything's good to go now.