Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
Lizard2022-01-17 00:33:44
Nginx
Lizard, 2022-01-17 00:33:44

How to bypass ERR_CERT_DATE_INVALID when setting up a site on LAN?

Hello.
I am building a local site. Now I need it to work over https from all devices within the local network. To do this, I generated certificates using mkcert. Locally, on the computer on which it was generated, the site opens, everything is fine.
61e48e59a8aad545602612.png
But when I try to access the site from another device within the local network, the ERR_CERT_DATE_INVALID error appears.
I found the root certificate and registered it in the apache2 settings

[email protected]:~/ssl$ mkcert -CAROOT
/home/lzrdrt/.local/share/mkcert
[email protected]:~/ssl$ ls -la /home/lzrdrt/.local/share/mkcert
итого 16
drwxr-xr-x  2 lzrdrt lzrdrt 4096 янв 10 23:21 .
drwxrwxr-x 10 lzrdrt lzrdrt 4096 янв 17 00:30 ..
-r--------  1 lzrdrt lzrdrt 2484 янв 10 23:21 rootCA-key.pem
-rw-r--r--  1 lzrdrt lzrdrt 1647 янв 10 23:21 rootCA.pem

<VirtualHost *:443>
    ServerName 192.168.1.4
    ServerAdmin [email protected]
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateChainFile /home/lzrdrt/ssl/rootCA.pem
    SSLCertificateFile      /home/lzrdrt/ssl/pepega.com.pem
    SSLCertificateKeyFile /home/lzrdrt/ssl/pepega.com-key.pem

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

But it didn't work, any ideas?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
A
Armenian Radio, 2022-01-17
@gbg

Do not engage in collective farming, but just get a certificate from LetsEncrypt

Report
K
ky0, 2022-01-17
@ky0

If there is a real need (which happens, IMHO, quite rarely) for it to work on several devices, distribute the root certificate that was used to sign. But in general, if there are not dozens of devices, it's easier to add them to the exceptions by hand.
In general, it is quite possible to test without encryption, adding it at the stage of publishing on the Internet. Well, or, as correctly noted above, issue a valid certificate for the domain via LE, it is especially convenient in this case to confirm via DNS.

Report
C
CityCat4, 2022-01-17
@CityCat4

If there is no need to use a local certificate - order it on LE - it is just for such cases - for local, test, Dishman servers.

Similar questions
A
Andrew2014-04-07 14:27:59
Where do the spaces before come from? 6Reply
S
shamyyl2016-05-27 20:42:41
Why is nginx always returning 404? 1Reply
A
Alexey2016-05-29 12:13:38
Why empty Content-Type in nginx, php-fpm bundle? 0Reply
A
Artyom Brykin2018-10-30 08:09:26
Is it possible to make authorization in a private Docker registry over SSL? 1Reply
F
fman22016-06-01 13:44:27
What could be the problem with PHP5 long response? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question