Why Chrome Says IIS Express HTTPS Is Not Secure And How to Resolve That
Jexus Manager can be downloaded from https://www.jexusmanager.com
Recently Google updates Chrome to warn on certificates, who only contains CN (Common Name) but no corresponding SAN (Service Alternative Name). This leads to the following error message if you try to test out HTTPS pages on IIS Express by using the default certificate,
Your connection is not private Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
If you search around, there are many methods to fix this issue. So below I only demonstrate how to use Jexus Manager to quickly resolve it.
Step 1: Generate a new certificate to match Chrome’s requirements.
The details can be found in this article, and for this specific case, you should set “localhost” as custom name, and give the certificate a friendly name (“new” for example). All other fields can use the default values.
Step 2: Let Windows trust this certificate
So in just a few clicks you can get it done.
Step 3: Change the site binding to use the new certificate
Go back to the site binding dialog and choose the new certificate instead,
and Chrome is now happy to accept it,