Reply

Re: Self signed certificate error in Chrome 59

RupertGiles
Apprentice

Self signed certificate error in Chrome 59

The self-signed certificate from the ReadyNAS O/S is no longer considered valid by Chrome 59. There are two errors:

  • Subject Alternative Name Missing
  • There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

Any plans for getting this fixed in a future release? I'd have thought it would have been taken care of with 6.7.5.

OS X (Sierra 10.12.5) Google Chrome Version 59.0.3071.115 (Official Build) (64-bit)

 

Model: RN31400|ReadyNAS 300 Series 4-Bay
Message 1 of 9

Accepted Solutions
StephenB
Guru

Re: Self signed certificate error in Chrome 59


@RupertGiles wrote:

It would be nice to never have to see that warning.


True.  I used to use firefox with the NAS, since it's very simple to add a security exception there.  But the click-through has become pretty automatic (which of course defeats it's purpose).

View solution in original post

Message 8 of 9

All Replies
StephenB
Guru

Re: Self signed certificate error in Chrome 59

 

Just wondering - did you try regenerating the cert?

Message 2 of 9
RupertGiles
Apprentice

Re: Self signed certificate error in Chrome 59

Yes indeed. On Chrome 59, it's More Tools/Developer Tools/View Certificate

I dragged the certificate to the desktop, then deleted the existing certificate in Keychain, and finally, imported the certificate from my desktop and set the permissions to "Always Trust".

 

What's changed (from what I've gathered off Google boards) is the requirement for the SAN.

If I've missed something in my procedure, please let me know, and I'll retry. Thanks!

Message 3 of 9
StephenB
Guru

Re: Self signed certificate error in Chrome 59

I meant regenerate the cert on the NAS.  I don't think the firmware upgrades do that automatically.

 

You'd do this in system->settings->services->https.  It should regenerate the cert if you simply enter "apply".  

 

But you could change the SSL key host, apply, then change it back, apply again if you want to be certain.

 

Message 4 of 9
RupertGiles
Apprentice

Re: Self signed certificate error in Chrome 59

Yes, I did think of that and try that. As noted, this only started with Chrome 59. Apparently, the requirement for a SAN which previously was optional, is what's tripping things up. 

Message 5 of 9
StephenB
Guru

Re: Self signed certificate error in Chrome 59

I've just clicked through the warnings for years, and Chrome 59 (running on Windows 10) still lets me access the NAS.

 

At the moment, it's not giving me a warning, it just connects - not sure if something changed, or if Chrome is somehow caching my previous click-throughs.  

 

I am running 6.8.0-T54 on the NAS. My SSL key host is a name, not the IP address.

Message 6 of 9
RupertGiles
Apprentice

Re: Self signed certificate error in Chrome 59

Yes, absolutely...I didn't mean to imply that I couldn't gain access--only that there is always that damn certificate warning to click through the first time you access FrontView in a given browser session. It would be nice to never have to see that warning.

Message 7 of 9
StephenB
Guru

Re: Self signed certificate error in Chrome 59


@RupertGiles wrote:

It would be nice to never have to see that warning.


True.  I used to use firefox with the NAS, since it's very simple to add a security exception there.  But the click-through has become pretty automatic (which of course defeats it's purpose).

View solution in original post

Message 8 of 9
RupertGiles
Apprentice

Re: Self signed certificate error in Chrome 59

I made another go at regenerating the certificate, and this time it worked! 

 

Thanks the suggestion.

Message 9 of 9
Top Contributors
Discussion stats
  • 8 replies
  • 5270 views
  • 2 kudos
  • 2 in conversation
Announcements