New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't connect to openssl s_server with Chrome browser with ECC server cert #60
Comments
I suspect it may be because the certificate subject ( |
There is a name mismatch in the test that used the software based keys, too. If you click Advanced, you can bypass that warning and proceed to the site. By contrast, Chrome doesn't let you bypass
Do you see the same thing on your setup? |
Another data point: if I have the TPM generate an RSA privkey/cert rather than ECC, Chrome is now able to connect:
For RSA, Chrome shows the expected |
I'm testing 1.2.0-rc0. When I try to set up a trivial webserver with a self-signed certificate and visit it from Chrome, I see a weird
NET::ERR_CERT_INVALID
error:In this case I don't have an option under Advanced to bypass the certificate warning, which you'd normally see with a webserver using a self-signed cert.
Here is my procedure:
If I try to connect with openssl rather than Chrome, I don't get any errors:
Likewise, Firefox 110.0.1 is able to connect after bypassing the cert warning.
If I use software based keys instead of the TPM2, Chrome lets me connect after bypassing the (expected)
NET::CERT_AUTHORITY_INVALID
warning:This is Chrome 109.0.5414.119 on Linux.
The text was updated successfully, but these errors were encountered: