NET::ERR_CERT_INVALID: How to Fix the error: Your connection isn’t private Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards).
The error message you’re seeing, “NET::ERR_CERT_INVALID,” indicates that your browser is warning you about an invalid SSL certificate when trying to access the website at `https://localhost:5001/`. This is a common issue during local development, and you can resolve it by either using a self-signed certificate or by disabling SSL checks in your browser for local development purposes.
Here are two approaches to resolve this error:
1. **Use a Self-Signed Certificate**:
If you want to establish a secure HTTPS connection locally, you can create and use a self-signed SSL certificate. This is more secure and recommended for production-like environments.
Here’s a high-level overview of how to generate and use a self-signed certificate:
- Install a development SSL certificate: Tools like OpenSSL or DevCert can help you generate a self-signed certificate. You can use OpenSSL like this:
```sh
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
```
- In your development environment, configure your application to use the generated certificate for SSL. The exact steps depend on the programming language and framework you are using.
- Make sure your application is configured to use the self-signed certificate, and then you can access it at `https://localhost:5001/`.
2. **Disable SSL Checks in Browser**:
If you don’t require a secure connection for local development, you can temporarily disable SSL checks in your browser. Keep in mind that this approach is not secure and should only be used for development.
- In Chrome:
1. Visit `chrome://flags/#allow-insecure-localhost`.
2. Enable the “Allow invalid certificates for resources loaded from localhost” flag.
3. Restart your browser.
- In Firefox:
1. Enter `about:config` in the address bar.
2. Search for `security.enterprise_roots.enabled` and set it to `true`.
3. Search for `security.certerrors.mitm.priming.enabled` and set it to `false`.
4. Restart your browser.
After making these changes, you should be able to access `https://localhost:5001/` without encountering the SSL certificate error.
Remember that disabling SSL checks is not a recommended practice for production or public-facing websites, but it can be acceptable for local development and testing purposes. If you intend to deploy your application to a production environment, you should configure it to use a valid SSL certificate.
