Setup an HTTPS Certificate Authority with Google Chrome
Sources:
NOTE
This note was originally researched while setting up the Obsidian Local REST API Plugin which is utilized by the Obsidian Web Browser Extension.
title: Contents
style: nestedList # TOC style (nestedList|inlineFirstLevel)
minLevel: 1 # Include headings from the specified level
maxLevel: 4 # Include headings up to the specified level
includeLinks: true # Make headings clickable
debugInConsole: false # Print debug info in Obsidian consoleOverview
Web Browsers use Secure Sockets Layer (SSL) to encrypt traffic between client systems and server computers to protect confidential data such as social security information and credit card details. For an SSL Certificate to work properly, the entity that issued the certificate (also known as a Certificate Authority (CA)) must also be trusted by the web browser, which involves installing the issuer certificate so the browser knows that issuer is valid and reliable.
Commonly used certificate authorities, such as Verisign, DigiCert, and Entrust, are automatically trusted by most browsers. However, if you use an untrusted internal certificate authority to generate SSL Certificates for internal resources, you will be nagged by your browser when you attempt to connect.
You can configure your system(s) to trust all certificates from a certificate authority by installing that system’s SSL certificate as a trusted root certificate authority. That way, the web browser will never prompt you again about accessing any site with a certificate from that CA.
NOTE
This note focuses on Google Chrome, Microsoft Edge, and Mozilla FireFox. Steps listed here are accurate at the time of this writing, but future versions of these browsers may involve different menu options.
Obtain the CA Certificate
First, you need to get a copy of the SSL Certificate from the Certificate Authority (CA) in DER format.
Manage Chrome Certificate Settings
- Navigate to
chrome://settings/securityin the browser - Select “Manage Certificates”:
- Choose “Trusted Root Certificate Authorities” Tab and Select “Import”:
