docker-magento icon indicating copy to clipboard operation
docker-magento copied to clipboard

Published 20 hours ago verified publisher icon markshust

Invalid SSL Ubuntu 22.04

Open Axel29 opened this issue 2 years ago • 9 comments

Description

I tried many times to run the bin/setup-ssl {domain} script but no matter what, it never seems to generate a valid certificate. Maybe this is because of an old "certutil" certificate that is still present on my computer somehow? I don't really know.

Steps To Reproduce

  1. Install an existing project with the domain thesages.test
  2. Run the bin/setup-ssl thesages.test command

Expected Result

  1. The frontend SSL is valid

Actual Result

  1. The frontend SSL is invalid

Here are screenshots of everything from Chrome and Firefox if it can help:

  • Chrome error page detail:

image

  • Chrome certificate details:

image

  • Firefox error page detail:

image

  • Firefox certificate details:

image

  • bin/setup-ssl thesages.test output:

image

  • bin/setup-ssl-ca thesages.test && bin/setup-ssl thesages.test output:

image

Thanks for your time.

Axel29 avatar Sep 29 '22 17:09 Axel29

@Axel29 Try import rootCA.pem to firefox: Settings -> Privacy & Security -> Certificates ->View Certificates -> Authorities -> Import and select rootCA.pem witch must located in ~/Sites/thesages/ after execute command bin/setup-ssl thesages.test. Work for me on Arch

k1ng0d1n avatar Oct 20 '22 12:10 k1ng0d1n

@Axel29 Try import rootCA.pem to firefox: Settings -> Privacy & Security -> Certificates ->View Certificates -> Authorities -> Import and select rootCA.pem witch must located in ~/Sites/thesages/ after execute command bin/setup-ssl thesages.test. Work for me on Arch

Indeed it worked for me, even for Chrome, thanks a lot!

If someone is looking at this, here's how to do it on Chrome:

  1. Go to Settings > Privacy and security > Security > Manage certificates > Authorities
  2. Click "Import"
  3. Import your rootCA.crt file, it should be in /usr/local/share/ca-certificates/rootCA.crt

Although this method works, it would be great if we could have a fix for the script that would work out of the box, without requiring manual imports like that.

Axel29 avatar Oct 20 '22 15:10 Axel29

@Axel29 Try import rootCA.pem to firefox: Settings -> Privacy & Security -> Certificates ->View Certificates -> Authorities -> Import and select rootCA.pem witch must located in ~/Sites/thesages/ after execute command bin/setup-ssl thesages.test. Work for me on Arch

Indeed it worked for me, even for Chrome, thanks a lot!

If someone is looking at this, here's how to do it on Chrome:

  1. Go to Settings > Privacy and security > Security > Manage certificates > Authorities
  2. Click "Import"
  3. Import your rootCA.crt file, it should be in /usr/local/share/ca-certificates/rootCA.crt

Although this method works, it would be great if we could have a fix for the script that would work out of the box, without requiring manual imports like that.

I installed magento2.4.6 on vps (ubuntu 22.04), according to your method, the SSL problem is still not resolved.

AngeloZou avatar Jun 11 '23 13:06 AngeloZou

It'd be nice to get a confirmation from someone that the suggested fix does indeed work. If it does, we should definitely get this added to the readme!

markshust avatar Jul 10 '23 19:07 markshust

I see a lot of people are confused about mkcert, because it doesn't work. Especially most Ubuntu users. The best solution is to remove mkcert, and install the Let's Encrypt SSL Certificate.

I hope mark can make a tutorial to make it easier for more people to use magento, right? :)

AngeloZou avatar Jul 15 '23 17:07 AngeloZou

@Axel29 Try import rootCA.pem to firefox: Settings -> Privacy & Security -> Certificates ->View Certificates -> Authorities -> Import and select rootCA.pem witch must located in ~/Sites/thesages/ after execute command bin/setup-ssl thesages.test. Work for me on Arch

Indeed it worked for me, even for Chrome, thanks a lot!

If someone is looking at this, here's how to do it on Chrome:

  1. Go to Settings > Privacy and security > Security > Manage certificates > Authorities
  2. Click "Import"
  3. Import your rootCA.crt file, it should be in /usr/local/share/ca-certificates/rootCA.crt

Although this method works, it would be great if we could have a fix for the script that would work out of the box, without requiring manual imports like that.

For me this worked in Brave on Ubuntu 22.04

holzkern avatar Aug 03 '23 09:08 holzkern

Hello @markshust Thank you for this beautiful docker tool for Magento.

I fixed it on my local like this: Open Settings -> Privacy and security -> Security -> Manage device certificates -> Authorities And import Sites/magento/rootCA.pem

May be needed to restart the browser and/or project.

My setup is: Ubuntu 23.04 Chrome 117

Alternatively, you can disable the SSL check for localhost:

image

chrome://flags/#allow-insecure-localhost

pisarkov avatar Oct 05 '23 16:10 pisarkov

Hello @markshust Thank you for this beautiful docker tool for Magento.

I fixed it on my local like this: Open Settings -> Privacy and security -> Security -> Manage device certificates -> Authorities And import Sites/magento/rootCA.pem

May be needed to restart the browser and/or project.

My setup is: Ubuntu 23.04 Chrome 117

Thank you, solved it for me. Headache finally over

JTheJackal avatar Jul 04 '24 10:07 JTheJackal

Thanks for the updates. I'd love to take in a PR which adds this to the readme or CLI command after running this on Linux!

markshust avatar Jul 09 '24 19:07 markshust