Thursday, December 15, 2016

Chrome on macOS's "You cannot visit (some host) right now because the website uses HSTS" Error

Do the following at your own risk, and only if you are absolutely sure that the root CA and certificates you delete and add are what you need.

If you get this error in Chrome in macOS:

You cannot visit (some host) right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later. Learn more.

and you know that the cert was self-signed under an untrusted root CA, then go to Keychain Access in macOS, click on certificates, and delete any old/incorrect certificates. Then open Safari to a website that has the untrusted root CA and trust it. You should then be able to open up the site in Chrome. Note: sometimes for whatever reason the cert might be on its own and you might trust it, but you need to trust its signing CA as well. Be sure that that you have a ancestry of trust.

No comments: