This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store
I am running a web app on Linux where I dont think anyone will look at it besides myself called node red looking to run the web app on TLS with certs.
Going off this tutorial to generate these two files: key.pem cert.pem
that are required to run the web app on TLS/SSL from this tutorial.
My browser throws this error, I think because I am not using a Trusted CA. Is there a way for the browser to ignore this or add it to a list of trusted sites/CA on my Windows 10 PC that I use to check the web app in Chrome?
Yes, anyone can create a self-signed certificate for every domain. If I follow your procedure with let’s say microsoft.com, will this make a trustfully certificate ?
Then there are multiple options :
- distribute your certificate via a trustred channel to all your client and make them install it in their trusted certificate base, (the procedure depends of your navigator, and perhaps needs a DER format certificate instead of PEM. OpenSSL can translate it for you)
- purchase a certificate which is trusted by most navigators,
- use letsencrypt. (https://letsencrypt.org/)
The last two options seems me preferable, but if you persist with the first option, the actual navigator you use is a needed information.
For example, on Windows for IE or Edge, you open MMC, add a plugin certificate and add a certificate among the trusted root certification authorities. (Trusted Root certification authorities/certificates/right click:all tasks/import)
On Firefox, in the main menu (right top, just under the cross to close the window), options, privacy and security, views certificates, import.
The cert.pem
Is the required file.