HTTPS Not Working - Invalid Certificate (MacOS)

BrandynF · January 20, 2021, 6:19pm

Hello!

For whatever reason upon enabling HTTPS on any site within DevKinsta’s site settings and then navigating to the local site in Chrome, I am getting the “your connection is not private” warnings. Turning off HTTPS and back on again doesn’t work.

Do I need to manually trust the certificates generated for each site in Chrome? I figured it should work without having to do that but I thought I’d ask just in case that was the solution.

Thank you in advance!

michael · January 18, 2021, 5:49pm

Hi @BrandynF . It sounds like the certificates may not be generating. Are you on Mac or Windows? When creating a site, are you presented with a dialog box to enter your machines password?

BrandynF · January 18, 2021, 5:56pm

Hey @michael

I’m on MacOS Big Sur right now. When creating a site or pulling from Kinsta I am presented with those certificate dialog boxes to enter my machine’s password. It doesn’t give any error messages that the certificates weren’t generated after entering my password and when inspecting the certificates in Chrome it looks like it’s generated but shows “this certificate has not been verified by a third party.”

michael · March 3, 2021, 5:46pm

Thank you for the additional info, @BrandynF. Our developers are aware of an issue with macOS Big Sur 11.1 and the creation of SSL certificates. For the time being, it’s safe to manually trust the certificates.

It’s also possible however that the error would appear in cases of mixed HTTPS and HTTP content on a page. Running a Search & Replace via plugin or the database may help catch those.

BrandynF · January 18, 2021, 6:50pm

Thanks for the help, @michael

That must be the issue then! I’ll go ahead and manually trust those certs and I look forward to a future update that may fix the issue. I did try to run a search & replace just in case but that didn’t do anything.

Thanks again for the help!

Antoni_Christian · January 18, 2021, 8:54pm

This is also a problem on windows 10… I have enabled SSL and HTTPS yet I am still getting this warning…

sznngoodwin · January 19, 2021, 2:38pm

This works for me on my Macs:

Open Keychain Access app
Locate the new .local domain name in the System keychain and double click to open the certificate
Click on the caret to the left of “Trust” and select “Always Trust” in the first dropdown
Close Keychain Access and restart your browser

michael · January 19, 2021, 4:26pm

Great tip @sznngoodwin !

fairbee · May 31, 2021, 1:55pm

I’m having this issue as well, the fix suggested before fixed the issue when visiting the website, but it also affects the cron function of wordpress.

at: /wp-admin/tools.php?page=crontrol_admin_manage_page
I see the following error:
cURL error 7: Failed to connect to fairbee.local port 443: Connection refused

Any suggestion on how to solve this? I’m guessing I should somehow be able to get into the docker image to trust the certificate there?

michael · May 31, 2021, 4:18pm

Hey @fairbee. Welcome to DevKinsta! Crons should be able to function as normal on DevKinsta, but it may depend on the cron job that’s attempting to run. We’ll take a look at this

fairbee · June 1, 2021, 6:53am

thanks I assume it has to do with the same SSL issue, since cURL from terminal had the same result until I used the “trust always” setting suggested before.