Purpose

Prevent Chrome from displaying oleore certificate warnings. The domain is ʻore.example.com`.

procedure

Host change on the host side

Add the following settings. * For Windows 10

`/C/Windows/System32/drivers/etc/hosts`



127.0.0.1 ore.example.com

Create SSL certificate

Create a private key

openssl genrsa -out ore.example.com.server.key 2048

Create a CSR Certificate Signing Request

openssl req -new -key ore.example.com.server.key -out ore.example.com.server.csr

Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Tokyo
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or Your name) []:ore.example.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Set SAN value

The domain is a wildcard. * It didn't work when I set it to ore.example.com The IP is the IP address of the host's local area network. * Change as appropriate

echo "subjectAltName = DNS:*.example.com, IP:192.168.xxx.xxx" > san.txt

Create a server certificate

openssl x509 \
  -req \
  -sha256 \
  -days 3650 \
  -signkey ore.example.com.server.key \
  -in ore.example.com.server.csr \
  -out ore.example.com.server.crt \
  -extfile san.txt

(Optional) Check the server certificate

openssl x509 -in ore.example.com.server.crt -text -noout

Register my certificate with Chrome

Open Chrome's Settings.
Select Security from the Privacy & Security menu.
Select Manage Certificates (a settings box will appear)
Click Import in the settings box
Click Next on the description screen
Select the ʻore.example.server.crtfile you just created and clickNext`
Change the certificate store to Trusted Root Certification Authorities and click Next
Click Done on the final confirmation screen
Click Yes if you get a security warning

[LINUX] Don't show me certificate warnings in Chrome