You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since Chrome 105, they launched a feature called Chrome Root Store and Certificate Verifier, which is used to verify certificates independently instead of verifying by the operating system.
This feature will not trust all self-signed certificates, even if they have been added to the Trusted Root Certification Authorities store.
And also according to this article, adding the --enable-features=ChromeRootStoreUsed / --disable-features=ChromeRootStoreUsed flag when starting Chrome will enable (default) / disable this feature.
The text was updated successfully, but these errors were encountered:
@paulirish Chrome versions < 105 use platform certificate verification, meaning that any certificate that only needs to be added to the Trusted Root Certification Authorities store will be trusted when accessing HTTPS.
But from Chrome version 105 onwards, they have Chrome Root Store and Certificate Verifier instead of platform certificate verifier. This means that all certificates (not just self-signed certificates) that are not in the Chrome Root Store will receive a Your connection is not private warning that includes a message that reads NET::ERR_CERT_AUTHORITY_INVALID.
The flag --enable-features=ChromeRootStoreUsed has the function of enabling the use of Chrome Root Store and Certificate Verifier. However, this functionality is enabled by default, so this flag is not needed.
Conversely, the flag --disable-features=ChromeRootStoreUsed simply means that it will disable the use of Chrome Root Store and Certificate Verifier, reverting to the use of platform certificate verifiers. This is useful for those who want to use self-signed certificates or whose certificate provider has not been/is not included in the Chrome Root Store.
Since Chrome 105, they launched a feature called
Chrome Root Store and Certificate Verifier
, which is used to verify certificates independently instead of verifying by the operating system.This feature will not trust all self-signed certificates, even if they have been added to the Trusted Root Certification Authorities store.
And also according to this article, adding the
--enable-features=ChromeRootStoreUsed
/--disable-features=ChromeRootStoreUsed
flag when starting Chrome will enable (default) / disable this feature.The text was updated successfully, but these errors were encountered: