Tjyylli

Concatenating two int[]

Should a cast be used to truncate a long variable?

Lightning Data Table inline edit

Are the positive and negative planes inner or outer planes in the Great Wheel cosmology model?

Why did Mr. Elliot have to decide whose boots were thickest in "Persuasion"?

Can a player sacrifice a creature after declaring that creature as blocker while taking lethal damage?

Does it take energy to move something in a circle?

What's the oldest plausible frozen specimen for a Jurassic Park style story-line?

Boss asked me to sign a resignation paper without a date on it along with my new contract

What is a good reason for every spaceship to carry gun on board?

Is there a file that always exists and a 'normal' user can't lstat it?

Converting very wide logos to square formats

Article. The word "Respect"

"Starve to death" Vs. "Starve to the point of death"

Does diversity provide anything that meritocracy does not?

Is there a verb that means to inject with poison?

How do I avoid the "chosen hero" feeling?

What does an unprocessed RAW file look like?

How much light is too much?

Need help with a circuit diagram where the motor does not seem to have any connection to ground. Error with diagram? Or am i missing something?

Book where a space ship journeys to the center of the galaxy to find all the stars had gone supernova

Prevent Nautilus / Nemo from creating .Trash-1000 folder in mounted devices

How to politely refuse in-office gym instructor for steroids and protein

Why does 0.-5 evaluate to -5?

Chrome - Password saving with self-signed or broken SSL

Chrome is not offering to save passwords in a website with a self-signed SSL certificateAccepting self-signed SSL certificatesSelf signed SSL in WindowsImporting a self-signed SSL certificate on MacOSWhy do I have untrusted certificates for Google, Yahoo, Mozilla and others?How to create a SSL certificate signed by an intermediate certificateSelf signed certificate is not appearing in Chrome after importingApache serves an old SSL certificateSSL self-signed certificate on client sideSelf-signed certificate becomes invalid after some timeHow to fix Firefox 59 no longer accepting my self signed SSL certificate on .dev virtualhost

12

1

I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).

Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?

Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.

Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.

I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.

google-chrome ssl password-management

share|improve this question

edited Aug 15 '17 at 20:01

bshea

asked Aug 15 '17 at 16:02

bsheabshea

360312

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?
  
  – heavyd
  Aug 15 '17 at 16:08
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"
  
  – bshea
  Aug 15 '17 at 19:51
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)
  
  – bshea
  Aug 15 '17 at 20:00
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Importing your self-signed cert into the Windows certificate store does not work for me, too
  
  – Ivan
  Jan 19 '18 at 10:01
  

  
  
  
  

add a comment | 

12

1

I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).

Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?

Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.

Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.

I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.

google-chrome ssl password-management

share|improve this question

edited Aug 15 '17 at 20:01

bshea

asked Aug 15 '17 at 16:02

bsheabshea

360312

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?
  
  – heavyd
  Aug 15 '17 at 16:08
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"
  
  – bshea
  Aug 15 '17 at 19:51
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)
  
  – bshea
  Aug 15 '17 at 20:00
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Importing your self-signed cert into the Windows certificate store does not work for me, too
  
  – Ivan
  Jan 19 '18 at 10:01
  

  
  
  
  

add a comment | 

I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).

Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?

Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.

Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.

I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.

google-chrome ssl password-management

share|improve this question

edited Aug 15 '17 at 20:01

bshea

asked Aug 15 '17 at 16:02

bsheabshea

360312

share|improve this question

edited Aug 15 '17 at 20:01

bshea

asked Aug 15 '17 at 16:02

bsheabshea

360312

share|improve this question

edited Aug 15 '17 at 20:01

bshea

asked Aug 15 '17 at 16:02

bsheabshea

360312

asked Aug 15 '17 at 16:02

bsheabshea

360312

asked Aug 15 '17 at 16:02

bsheabshea

360312

4 Answers
4

active

oldest

votes

4

I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:

This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.

share|improve this answer

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..
  
  – bshea
  Aug 16 '17 at 14:59
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.
  
  – heavyd
  Aug 16 '17 at 15:31
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.
  
  – bshea
  Aug 16 '17 at 19:33
  
  
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass
  
  – heavyd
  Aug 16 '17 at 20:17
  

  
  
  
  

add a comment | 

3

Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").

Then click "Enable".

Just be extremely wary that this is a major security flaw.

share|improve this answer

edited Aug 16 '17 at 15:03

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.
  
  – bshea
  Aug 16 '17 at 14:55
  
  
  

  
  
  
  

add a comment | 

2

Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.

share|improve this answer

answered Jan 23 at 21:03

niutechniutech

635413

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?
  
  – bshea
  Jan 23 at 23:13
  
  
  

  
  
  
  

add a comment | 

0

i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus

edit:

• download iMacros chrome extension


• install it


• create chrome new tab


• open i macros


• then move To record section and press record


• at new tab go to login page


• fill your username and password


• press login


• then stop record and save page

and voila now you can play your recorded macro in bookmark section to login effortlessly

share|improve this answer

edited 5 hours ago

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?
  
  – Glorfindel
  yesterday
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1241132%2fchrome-password-saving-with-self-signed-or-broken-ssl%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

4

I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:

This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.

share|improve this answer

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..
  
  – bshea
  Aug 16 '17 at 14:59
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.
  
  – heavyd
  Aug 16 '17 at 15:31
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.
  
  – bshea
  Aug 16 '17 at 19:33
  
  
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass
  
  – heavyd
  Aug 16 '17 at 20:17
  

  
  
  
  

add a comment | 

4

I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:

This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.

share|improve this answer

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..
  
  – bshea
  Aug 16 '17 at 14:59
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.
  
  – heavyd
  Aug 16 '17 at 15:31
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.
  
  – bshea
  Aug 16 '17 at 19:33
  
  
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass
  
  – heavyd
  Aug 16 '17 at 20:17
  

  
  
  
  

add a comment | 

I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:

This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.

share|improve this answer

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

share|improve this answer

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

answered Aug 15 '17 at 22:00

heavydheavyd

50.6k12123156

3

Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").

Then click "Enable".

Just be extremely wary that this is a major security flaw.

share|improve this answer

edited Aug 16 '17 at 15:03

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.
  
  – bshea
  Aug 16 '17 at 14:55
  
  
  

  
  
  
  

add a comment | 

3

Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").

Then click "Enable".

Just be extremely wary that this is a major security flaw.

share|improve this answer

edited Aug 16 '17 at 15:03

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.
  
  – bshea
  Aug 16 '17 at 14:55
  
  
  

  
  
  
  

add a comment | 

Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").

Then click "Enable".

Just be extremely wary that this is a major security flaw.

share|improve this answer

edited Aug 16 '17 at 15:03

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

share|improve this answer

edited Aug 16 '17 at 15:03

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

answered Aug 15 '17 at 22:09

var firstNamevar firstName

1,645517

2

Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.

share|improve this answer

answered Jan 23 at 21:03

niutechniutech

635413

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?
  
  – bshea
  Jan 23 at 23:13
  
  
  

  
  
  
  

add a comment | 

2

Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.

share|improve this answer

answered Jan 23 at 21:03

niutechniutech

635413

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?
  
  – bshea
  Jan 23 at 23:13
  
  
  

  
  
  
  

add a comment | 

Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.

share|improve this answer

answered Jan 23 at 21:03

niutechniutech

635413

share|improve this answer

answered Jan 23 at 21:03

niutechniutech

635413

answered Jan 23 at 21:03

niutechniutech

635413

answered Jan 23 at 21:03

niutechniutech

635413

0

i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus

edit:

• download iMacros chrome extension


• install it


• create chrome new tab


• open i macros


• then move To record section and press record


• at new tab go to login page


• fill your username and password


• press login


• then stop record and save page

and voila now you can play your recorded macro in bookmark section to login effortlessly

share|improve this answer

edited 5 hours ago

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?
  
  – Glorfindel
  yesterday
  

  
  
  
  

add a comment | 

0

i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus

edit:

• download iMacros chrome extension


• install it


• create chrome new tab


• open i macros


• then move To record section and press record


• at new tab go to login page


• fill your username and password


• press login


• then stop record and save page

and voila now you can play your recorded macro in bookmark section to login effortlessly

share|improve this answer

edited 5 hours ago

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?
  
  – Glorfindel
  yesterday
  

  
  
  
  

add a comment | 

i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus

edit:

• download iMacros chrome extension


• install it


• create chrome new tab


• open i macros


• then move To record section and press record


• at new tab go to login page


• fill your username and password


• press login


• then stop record and save page

and voila now you can play your recorded macro in bookmark section to login effortlessly

share|improve this answer

edited 5 hours ago

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this answer

edited 5 hours ago

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered yesterday

rizky aprizky ap

11

New contributor

rizky ap is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered yesterday

rizky aprizky ap

11