Chrome – How to deal with NET:ERR_CERT_AUTHORITY_INVALID in Chrome

certificategoogle-chromeman-in-the-middlessl

My work place intercepts SSL connections, looks at their contents, and then passes the data to and from my machine and remote hosts – a kind of man-in-the-middle attack. This is not uncommon in corporate or enterprise environments.

Now I have a virtual machine running on my computer. The virtual machine does not have the certificates the actual machine has which enable the MITM to work transparently. As a result, I get this message:

NET::ERR_CERT_AUTHORITY_INVALID message in Chrome

What can I do to resolve this?

Best Answer

First thing's first:

DO NOT DO THE FOLLOWING IF YOU DO NOT TRUST THE CERTIFICATE ISSUER

Doing this allows a man-in-the-middle to see all of your communications. This fix should only be employed if you are in a situation which warrants it, not if you're sitting at a coffee shop and having problems connecting to things.

That said...

The first step is to acquire the certificate of the MITM.

To do so, click the little HTTPS lock and hit details:

Page details

Click "View Certificate" in the dialog that comes up.

Certificate details pane

Hit "Details" in the Certificate viewer and select the top certificate, which should be from an address other than the one you were trying to get to (see picture):

Certificate viewer

Then hit "Export" and save the certificate file.

Now, go to Settings → Advanced → Manage Certificates... → Authorities

Settings menu

And hit "Import". Select the certificate file you saved previously and hit all of the check boxes that appear, authorizing it to certify everything.

Manage certificates menu