Getting Chrome to Accept Self-signed Localhost Certificate

Better Stack Team
Updated on October 7, 2024

To get Chrome to accept a self-signed SSL certificate for localhost, you'll need to add the certificate to the system's trusted root certificate store. Here's how to do it:

Step 1: Generate a Self-signed Certificate for localhost

Follow the steps below to generate a self-signed certificate specifically for localhost.

  1. Generate the Private Key:

     
    openssl genpkey -algorithm RSA -out localhost.key -aes256
    
  2. Create a Certificate Signing Request (CSR):

     
    openssl req -new -key localhost.key -out localhost.csr
    

    When prompted, make sure to set the Common Name (CN) to localhost.

  3. Generate the Self-signed Certificate:

     
    openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt
    

Step 2: Install the Certificate in the Trusted Root Certificate Store

On Windows:

  1. Double-click the localhost.crt file.
  2. Click on the "Install Certificate" button.
  3. Choose "Local Machine" and click "Next."
  4. Select "Place all certificates in the following store" and browse to "Trusted Root Certification Authorities."
  5. Complete the wizard by clicking "Next" and "Finish."
  6. Restart Chrome to apply the changes.

On macOS:

  1. Open the Keychain Access application.
  2. Drag and drop the localhost.crt file into the System keychain or login keychain.
  3. Right-click the certificate and select Get Info.
  4. Expand the "Trust" section and set "When using this certificate" to Always Trust.
  5. Close the window, and you may be prompted to enter your password to confirm the changes.
  6. Restart Chrome to apply the changes.

On Linux:

  1. Copy the certificate to the /usr/local/share/ca-certificates/ directory:

     
    sudo cp localhost.crt /usr/local/share/ca-certificates/localhost.crt
    
  2. Update the CA certificates:

     
    sudo update-ca-certificates
    
  3. Restart Chrome to apply the changes.

Step 3: Accessing localhost with HTTPS in Chrome

Now that the certificate is trusted, you should be able to access https://localhost in Chrome without receiving a certificate warning.

If you still see a warning, you might need to clear your browser's cache or reset Chrome's SSL state:

  1. Go to chrome://net-internals/#ssl.
  2. Click the "Clear SSL state" button.
  3. Restart Chrome.

This process ensures that Chrome will accept your self-signed certificate for localhost, allowing you to develop securely using HTTPS.

Got an article suggestion? Let us know
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.