Saturday, July 31, 2010

https certificate expired and chrome does not like it (by default)

Don't get me wrong.  I don't like Google Chrome personally even though I use it.  See? Hating does not mean you cannot live with it.  Right now, I have to run both Firefox and Google Chrome on the same machine as I don't know yet other way around to separate sessions / cookies of the same website on different tabs.  One thing I need, for example, is to access 2 gmail accounts at the same time (and I just want to do it through web-based only but not pop3/imap).

Today I wanted to sign up for a hotmail email as I needed a dummy email for testing purpose (I won't use hotmail for my personal emails anyway).  I used Google Chrome, went to www.hotmail.com, clicked "sign-up", and then I got this red alert page:




live.com's SSL has expired!? ... I wouldn't expect such a big company like Microsoft to make this kind of mistake unless it was by intention.

By default, Google Chrome does not allow us to access website under https with an expired certificate.  Unlike Firefox where on the same alert page, it gives us a confirm button to click which will allow us to access that suspicious web page.

Anyway, it is not difficult at all to change the default behavior just by going to this dialogue of Chrome:




And make sure you uncheck the "Check for server certificate revocation":




After that, you have to refresh that https web page and Google Chrome will allow you to access the web page under https with expired ssl certificate.

0 comments:

Post a Comment