[Bug]: Securing sites via Herd returns a CERT_AUTHORITY_INVALID error

[genericmilk]

Operating system version

macOS Ventura 13.4.1 (c)

System architecture

ARM64 (M1, M2, etc)

Herd Version

1.0.8 (Build: 10)

PHP Version

PHP 8.2.6 (cli) (built: Jun 2 2023 23:59:34) (NTS)

Bug description

Securing Laravel applications in Herd results in the site returning a NET::ERR_CERT_AUTHORITY_INVALID response in Chrome. Unsecuring the site also no longer returns the site to http:// (Non SSL).

This has been the case on 2 machines (Both M1 Max) that have both been ported from Laravel Valet###

Steps to reproduce

1. Create a new laravel site in a parked folder using laravel new test
2. Visit http://test.test in the browser and note it is non SSL.
3. Using Herd's sites manager click the padlock icon for test.test
4. Reload the page
5. Chrome displays a NET::ERR_CERT_AUTHORITY_INVALID message
6. Clicking the padlock again does not revert the site to non SSL

Relevant log output

No response

[genericmilk]

(It's worth noting that this works when using herd secure in the root folder of the project)

[mpociot]

So running herd secure via CLI works for you, but not via the UI? 🤔

[genericmilk]

Yeah bit of a weird one. Herd UI reports it as secured and following up with a herd secure fixes the SSL cert:

[genericmilk]

Here's a chain of screenshots to better illustrate with me making a new laravel app example:

(Note this is running http / non ssl)

The padlock is clicked to secure the site

The certificate error occurs `herd secure` is run manually in project root The cert attaches properly

[pierrepavlov]

Hi! Just wanted to add to this that I currently experience the same problem. Similar setup as @genericmilk and also ported from Valet.
Not sure where the certificate created by Herd is located though since I can't find it in ~/.config/valet/Certificates.

[genericmilk]

I don't know if it's any help also but I am asked for sudo (root) when using herd secure in the terminal but not in the Herd app. It's possibly a case that a command is failing which needs super user access perhaps? (Just guessing here as I have no idea lol!)

[mpociot]

We just fixed this issue locally and will release a new version shortly 👍