文档章节

Chrome 显示 err_cert_authority_invalid 的处理方式

小杨阿哥哥
 小杨阿哥哥
发布于 2017/03/15 12:33
字数 462
阅读 45
收藏 0
前段时间将本站的 SSL 证书改为 AlphaSSL 的泛域名证书,今天突然发现用 chrome 访问会报err_cert_authority_invalid错误,网上找了一下,解决办法就是,粘贴下面的证书放在crt 文件的后面。
-----BEGIN CERTIFICATE-----
MIIETTCCAzWgAwIBAgILBAAAAAABRE7wNjEwDQYJKoZIhvcNAQELBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gHs5OxzYPt+j2q3xhfj
kmQy1KwA2aIPue3ua4qGypJn2XTXXUcCPI9A1p5tFM3D2ik5pw8FCmiiZhoexLKL
dljlq10dj0CzOYvvHoN9ItDjqQAu7FPPYhmFRChMwCfLew7sEGQAEKQFzKByvkFs
MVtI5LHsuSPrVU3QfWJKpbSlpFmFxSWRpv6mCZ8GEG2PgQxkQF5zAJrgLmWYVBAA
cJjI4e00X9icxw3A1iNZRfz+VXqG7pRgIvGu0eZVRvaZxRsIdF+ssGSEj4k4HKGn
kCFPAm694GFn1PhChw8K98kEbSqpL+9Cpd/do1PbmB6B+Zpye1reTz5/olig4het
ZwIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOgYE
VR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hbHBoYXNzbC5jb20vcmVw
b3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWdu
Lm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHA6
Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAfBgNVHSMEGDAWgBRge2YaRQ2X
yolQL30EzTSo//z9SzANBgkqhkiG9w0BAQsFAAOCAQEAYEBoFkfnFo3bXKFWKsv0
XJuwHqJL9csCP/gLofKnQtS3TOvjZoDzJUN4LhsXVgdSGMvRqOzm+3M+pGKMgLTS
xRJzo9P6Aji+Yz2EuJnB8br3n8NA0VgYU8Fi3a8YQn80TsVD1XGwMADH45CuP1eG
l87qDBKOInDjZqdUfy4oy9RU0LMeYmcI+Sfhy+NmuCQbiWqJRGXy2UzSWByMTsCV
odTvZy84IOgu/5ZR8LrYPZJwR2UcnnNytGAMXOLRc3bgr07i5TelRS+KIz6HxzDm
MTh89N1SyvNTBCVXVmaU6Avu5gMUTu79bZRknl7OedSyps9AsUSoPocZXun4IRZZ
Uw== 
-----END CERTIFICATE-----
如果后续再出现类似的情况的话,可以在 https://www.alphassl.com/support/install-root-certificate.html查看最新的中间证书。  

What are Intermediate CA certificates? All customers installing an AlphaSSL Certificate will need to install the Alpha CA Intermediate CA onto their web servers.  The installation needs to only be conducted once.  Once installed, all browsers, applications and mobiles will trust AlphaSSL Certificates transparently. The Intermediate CA certificate needs only be installed on the web server and does NOT need to be installed by visitors to your web site.

  Why does AlphaSSL use an Intermediate CA certificate? AlphaSSL has always adopted a high security model when issuing digital certificates.  We use a trust chain that ensures that the primary root CA used to create the Alpha CA Intermediate CA (i.e. the GlobalSign Root CA certificate that is pre-installed with all browsers, applications and mobiles) is “offline” and kept in a highly secure environment with stringently limited access.  This means the root CA is not used to directly sign end entity SSL Certificates, as such AlphaSSL employs a best practices approach for it Public Key Infrastructure therefore protecting against the major effects of a “key compromise”.  For example, a key compromise of the primary Root CA would render the root and all certificates issued by the root untrustworthy, and because we keep our root offline this (somewhat unlikely event) is significantly less likely to happen. The use of Intermediate CAs is utilized by all major Certification Authorities because of the extra security level they provide.  

tips:

本文由wp2Blog导入,原文链接:http://devonios.com/chrome-err_cert_authority_invalid.html

© 著作权归作者所有

小杨阿哥哥
粉丝 69
博文 482
码字总数 287109
作品 0
西安
后端工程师
私信 提问
Nginx配置http到https的跳转

在nginx的配置文件中增加: 通过systemctl reload nginx生效配置 通过Edge访问http地址时,实现自动跳转,但是通过chrome时会有问题: 搜索NET::ERRCERTAUTHORITY_INVALID可以看到相关的解答...

莫在全
09/09
49
0
Playing with QUIC

选择一个QUIC代码源 下面的说明是用来基于chromium代码库编译QUIC代码。在Chrome支持的任何平台上,这里的说明都能保证是有效的,遇到问题时可以查看一些扩展的故障排查的文档。如果你不想c...

WolfCS
2016/10/10
528
0
如何解决这个chrome错误?

Your connection is not private Attackers might be trying to steal your information from mail.google.com (for example, passwords, messages, or credit cards). ReloadAdvanced NET::......

程更新
2015/08/13
10.9K
2
Chrome 55 Beta 支持 async/await,输入处理改进

Chrome 55 Beta 发布了:输入处理改进、Async 和 await 功能、CSS 自动断字。 1、输入处理改进 随着移动网络使用的普及,网站对触摸输入做出良好反应的重要性也日益增加。在过去,这意味单独...

王练
2016/10/27
3.1K
12
从Chrome源码看HTTPS

我在《https连接的前几毫秒发生了什么》详细地介绍了https连接的过程,该篇通过抓包工具分析整个过程,本篇将从Chrome源码的角度着重介绍加密和解密的过程,并补充更多的细节。 Chrome/Chrom...

人人网FED
2018/02/26
0
0

没有更多内容

加载失败,请刷新页面

加载更多

HashMap源码分析

read

V丶zxw
37分钟前
4
0
Python字符串或JSON字符串转字典dict、列表list

有3种方法 1、使用ast模块 >>> import ast>>> s = '["test",1]'>>> ast.literal_eval(s)['test',1]>>> s = '{"test":1}'>>> ast.literal_eval(s){'test': 1} 2、eval函数,这个......

编程老陆
55分钟前
5
0
【JS复习笔记】03 继承(从ES5到ES6)

本文转载于:专业的前端网站➫【JS复习笔记】03 继承(从ES5到ES6) 前言 很久以前学习《Javascript语言精粹》时,写过一个关于js的系列学习笔记。 最近又跟别人讲什么原型和继承什么的,发现...

前端老手
59分钟前
8
0
简单动态网站搭建

如何在windows服务器上配置wordPress和discuz 网站建设中的概念讲解 网站建设的基础操作 网站程序的基础使用 网站程序的优化 简单动态网站搭建 软件部署 域名和主机的购买 域名解析 环境部署...

达达前端小酒馆
今天
6
0
Java每日面试题_03

15、构造器是否可被override constructor(构造器)不能被继承,所以不能被override(重写),但是可以被overloading(重载)。 16、抽象类和接口的区别 抽象类是什么 含有abstract修饰符的class即...

庭前云落
今天
6
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部