Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
Lizard2022-01-17 00:33:44
Nginx
Lizard, 2022-01-17 00:33:44

How to bypass ERR_CERT_DATE_INVALID when setting up a site on LAN?

Hello.
I am building a local site. Now I need it to work over https from all devices within the local network. To do this, I generated certificates using mkcert. Locally, on the computer on which it was generated, the site opens, everything is fine.
61e48e59a8aad545602612.png
But when I try to access the site from another device within the local network, the ERR_CERT_DATE_INVALID error appears.
I found the root certificate and registered it in the apache2 settings

[email protected]:~/ssl$ mkcert -CAROOT
/home/lzrdrt/.local/share/mkcert
[email protected]:~/ssl$ ls -la /home/lzrdrt/.local/share/mkcert
итого 16
drwxr-xr-x  2 lzrdrt lzrdrt 4096 янв 10 23:21 .
drwxrwxr-x 10 lzrdrt lzrdrt 4096 янв 17 00:30 ..
-r--------  1 lzrdrt lzrdrt 2484 янв 10 23:21 rootCA-key.pem
-rw-r--r--  1 lzrdrt lzrdrt 1647 янв 10 23:21 rootCA.pem

<VirtualHost *:443>
    ServerName 192.168.1.4
    ServerAdmin [email protected]
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateChainFile /home/lzrdrt/ssl/rootCA.pem
    SSLCertificateFile      /home/lzrdrt/ssl/pepega.com.pem
    SSLCertificateKeyFile /home/lzrdrt/ssl/pepega.com-key.pem

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

But it didn't work, any ideas?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
A
Armenian Radio, 2022-01-17
@gbg

Do not engage in collective farming, but just get a certificate from LetsEncrypt

Report
K
ky0, 2022-01-17
@ky0

If there is a real need (which happens, IMHO, quite rarely) for it to work on several devices, distribute the root certificate that was used to sign. But in general, if there are not dozens of devices, it's easier to add them to the exceptions by hand.
In general, it is quite possible to test without encryption, adding it at the stage of publishing on the Internet. Well, or, as correctly noted above, issue a valid certificate for the domain via LE, it is especially convenient in this case to confirm via DNS.

Report
C
CityCat4, 2022-01-17
@CityCat4

If there is no need to use a local certificate - order it on LE - it is just for such cases - for local, test, Dishman servers.

Similar questions
V
vovkka2018-04-16 14:53:32
How to solve the magic 404 status in bitrix? 3Reply
A
alexnotonfire2015-12-08 22:35:13
How to handle requests for subdomains in a Rails application? 1Reply
C
Chvalov2015-12-09 13:49:33
What is the advantage of using apache+nginx in what cases is it used? 5Reply
P
pantsarny2015-12-10 19:50:55
How to view and analyze Yii2 / Nginx error logs? 4Reply
N
Nday0012020-05-26 14:48:09
nginx. How to redirect http requests to different machines depending on the URI? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question