Skip to content

Set up web browser to treat your local IP as secure origin

Jump to bottom
Florian Quirin edited this page Feb 20, 2020 · 2 revisions

The problem

Over the last years web browsers like Chrome and Firefox have restricted more and more browser features to be used only with so called "secure origin" which means the website has to have a valid SSL certificate and must start with https. This applies for example to the use of the microphone and location tracking.
In general this decision is to be welcomed but it can be quite frustrating for self-hosted frameworks like SEPIA because these restrictions apply even when everything is located in your own private network. While the whole framework can be configured to use officially signed SSL certificates (e.g. by Let's Encrypt) it usually takes a lot more effort to set them up and is not very practical if you are still testing or developing.
Fortunately some browsers can be configured to always "trust" your local servers by defining certain exceptions to the rule. Below you will find instructions on how to define these exceptions.

Chrome/Chromium

Scott Carmichael wrote a nice and short article about it here. Basically what you need to do is:

  • Open chrome://flags/#unsafely-treat-insecure-origin-as-secure in your browser
  • Find and enable the Insecure origins treated as secure section
  • Add any addresses you want to trust. Remember to include the port number (if required), e.g.: http://192.168.0.10:20721, http://192.168.0.10:20726 (SEPIA default ports for assist-server and proxy)
  • Save and restart Chrome
Clone this wiki locally