Chrome - Password saving with self-signed or broken SSL












12















I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).



Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?



Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.



Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.



I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.










share|improve this question

























  • Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

    – heavyd
    Aug 15 '17 at 16:08











  • Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

    – bshea
    Aug 15 '17 at 19:51











  • Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

    – bshea
    Aug 15 '17 at 20:00











  • Importing your self-signed cert into the Windows certificate store does not work for me, too

    – Ivan
    Jan 19 '18 at 10:01
















12















I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).



Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?



Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.



Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.



I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.










share|improve this question

























  • Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

    – heavyd
    Aug 15 '17 at 16:08











  • Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

    – bshea
    Aug 15 '17 at 19:51











  • Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

    – bshea
    Aug 15 '17 at 20:00











  • Importing your self-signed cert into the Windows certificate store does not work for me, too

    – Ivan
    Jan 19 '18 at 10:01














12












12








12


1






I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).



Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?



Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.



Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.



I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.










share|improve this question
















I have searched frequently for a way to do this and never found a good answer, though there have been tickets created in the past (#142818 & #405549).



Apparently, the chromium devs have (still) failed to create a chrome://flags override for "broken" SSL and/or password saving. This would seem to be the easiest way to fix this annoying "feature" (via flags). I DO understand completely why they block it by default. But why no option to unblock?



Since there is no override to my knowledge, I had assumed that you would need to import the given self-signed certificate to a trusted root area in (Windows) store. This does not appear to work either.



Has anyone been able to get this to work? I can live with the warning - just not the lack of password saving.



I spent most of my workday in a dev environment and need to keep re-entering passwords 80x a day (copy/paste). This gets more than a bit old.







google-chrome ssl password-management






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 15 '17 at 20:01







bshea

















asked Aug 15 '17 at 16:02









bsheabshea

360312




360312













  • Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

    – heavyd
    Aug 15 '17 at 16:08











  • Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

    – bshea
    Aug 15 '17 at 19:51











  • Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

    – bshea
    Aug 15 '17 at 20:00











  • Importing your self-signed cert into the Windows certificate store does not work for me, too

    – Ivan
    Jan 19 '18 at 10:01



















  • Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

    – heavyd
    Aug 15 '17 at 16:08











  • Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

    – bshea
    Aug 15 '17 at 19:51











  • Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

    – bshea
    Aug 15 '17 at 20:00











  • Importing your self-signed cert into the Windows certificate store does not work for me, too

    – Ivan
    Jan 19 '18 at 10:01

















Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

– heavyd
Aug 15 '17 at 16:08





Importing your self-signed cert into the Windows certificate store does work for Chrome, I do this all time. How are you importing it and into which store?

– heavyd
Aug 15 '17 at 16:08













Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

– bshea
Aug 15 '17 at 19:51





Last attempt - Import self-signed .cer format into "Trusted Root Cert Auths./Certificates"

– bshea
Aug 15 '17 at 19:51













Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

– bshea
Aug 15 '17 at 20:00





Not to state the obvious, but wouldn't be a bit easier if Chrome just added a flag override for us? Anyway, if you can point me in right direction or tell me what I am doing wrong please do :)

– bshea
Aug 15 '17 at 20:00













Importing your self-signed cert into the Windows certificate store does not work for me, too

– Ivan
Jan 19 '18 at 10:01





Importing your self-signed cert into the Windows certificate store does not work for me, too

– Ivan
Jan 19 '18 at 10:01










4 Answers
4






active

oldest

votes


















4














I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:



Screenshot



This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.






share|improve this answer
























  • Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

    – bshea
    Aug 16 '17 at 14:59






  • 2





    @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

    – heavyd
    Aug 16 '17 at 15:31






  • 1





    I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

    – bshea
    Aug 16 '17 at 19:33








  • 1





    @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

    – heavyd
    Aug 16 '17 at 20:17



















3














Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").



Then click "Enable".



Just be extremely wary that this is a major security flaw.






share|improve this answer


























  • That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

    – bshea
    Aug 16 '17 at 14:55





















2














Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.






share|improve this answer
























  • Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

    – bshea
    Jan 23 at 23:13





















0














i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus



edit:




  • download iMacros chrome extension

  • install it

  • create chrome new tab

  • open i macros

  • then move To record section and press record

  • at new tab go to login page

  • fill your username and password

  • press login

  • then stop record and save page


and voila now you can play your recorded macro in bookmark section to login effortlessly






share|improve this answer





















  • 1





    Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

    – Glorfindel
    Feb 24 at 13:06











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1241132%2fchrome-password-saving-with-self-signed-or-broken-ssl%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























4 Answers
4






active

oldest

votes








4 Answers
4






active

oldest

votes









active

oldest

votes






active

oldest

votes









4














I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:



Screenshot



This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.






share|improve this answer
























  • Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

    – bshea
    Aug 16 '17 at 14:59






  • 2





    @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

    – heavyd
    Aug 16 '17 at 15:31






  • 1





    I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

    – bshea
    Aug 16 '17 at 19:33








  • 1





    @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

    – heavyd
    Aug 16 '17 at 20:17
















4














I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:



Screenshot



This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.






share|improve this answer
























  • Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

    – bshea
    Aug 16 '17 at 14:59






  • 2





    @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

    – heavyd
    Aug 16 '17 at 15:31






  • 1





    I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

    – bshea
    Aug 16 '17 at 19:33








  • 1





    @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

    – heavyd
    Aug 16 '17 at 20:17














4












4








4







I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:



Screenshot



This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.






share|improve this answer













I did not know about this option before today, but it appears that Chrome does have a flag for allowing insecure certificates from the localhost origin. This option is available from the chrome://flags/#allow-insecure-localhost page:



Screenshot



This will only help you for self-signed certificates on the localhost origin, and I have not tested it to see if it actually fixes your problem with the password manager, but it looks promising.







share|improve this answer












share|improve this answer



share|improve this answer










answered Aug 15 '17 at 22:00









heavydheavyd

50.7k12123156




50.7k12123156













  • Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

    – bshea
    Aug 16 '17 at 14:59






  • 2





    @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

    – heavyd
    Aug 16 '17 at 15:31






  • 1





    I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

    – bshea
    Aug 16 '17 at 19:33








  • 1





    @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

    – heavyd
    Aug 16 '17 at 20:17



















  • Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

    – bshea
    Aug 16 '17 at 14:59






  • 2





    @bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

    – heavyd
    Aug 16 '17 at 15:31






  • 1





    I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

    – bshea
    Aug 16 '17 at 19:33








  • 1





    @bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

    – heavyd
    Aug 16 '17 at 20:17

















Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

– bshea
Aug 16 '17 at 14:59





Wasn't sure who answered first so gave the approve to first one. Flag doesn't cover all I needed it to, but will help..

– bshea
Aug 16 '17 at 14:59




2




2





@bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

– heavyd
Aug 16 '17 at 15:31





@bshea, FYI hovering over the "answered XX minutes/hours/days ago" label will display and exact timestamp.

– heavyd
Aug 16 '17 at 15:31




1




1





I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

– bshea
Aug 16 '17 at 19:33







I wish chrome flags would support a complete override on cert checks (or specifically password saving from non-localhost source). There is a nice warning about using flags.. so I don't see why they don't. Liability i guess.

– bshea
Aug 16 '17 at 19:33






1




1





@bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

– heavyd
Aug 16 '17 at 20:17





@bshea, yeah I think they're trying to be security conscious. If the flag is there, then lazy website owners or malicious actors may instruct users to go flip the flag to enable their bad practices. If the flag is not there, there is no bypass

– heavyd
Aug 16 '17 at 20:17













3














Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").



Then click "Enable".



Just be extremely wary that this is a major security flaw.






share|improve this answer


























  • That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

    – bshea
    Aug 16 '17 at 14:55


















3














Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").



Then click "Enable".



Just be extremely wary that this is a major security flaw.






share|improve this answer


























  • That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

    – bshea
    Aug 16 '17 at 14:55
















3












3








3







Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").



Then click "Enable".



Just be extremely wary that this is a major security flaw.






share|improve this answer















Navigate to chrome://flags/#allow-insecure-localhost (or just right click this link and click "Open link in new tab").



Then click "Enable".



Just be extremely wary that this is a major security flaw.







share|improve this answer














share|improve this answer



share|improve this answer








edited Aug 16 '17 at 15:03

























answered Aug 15 '17 at 22:09









var firstNamevar firstName

1,645517




1,645517













  • That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

    – bshea
    Aug 16 '17 at 14:55





















  • That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

    – bshea
    Aug 16 '17 at 14:55



















That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

– bshea
Aug 16 '17 at 14:55







That flag is news to me. Not quite what i needed (localhost only), but it will certainly help.. Thanks.

– bshea
Aug 16 '17 at 14:55













2














Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.






share|improve this answer
























  • Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

    – bshea
    Jan 23 at 23:13


















2














Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.






share|improve this answer
























  • Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

    – bshea
    Jan 23 at 23:13
















2












2








2







Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.






share|improve this answer













Alternatively, you can start Chrome with a command line switch --unsafely-treat-insecure-origin-as-secure="http://example.com" or go to chrome://flags/#unsafely-treat-insecure-origin-as-secure and enter your unsafe origin, e.g. http://example.com.







share|improve this answer












share|improve this answer



share|improve this answer










answered Jan 23 at 21:03









niutechniutech

635413




635413













  • Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

    – bshea
    Jan 23 at 23:13





















  • Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

    – bshea
    Jan 23 at 23:13



















Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

– bshea
Jan 23 at 23:13







Nice. Hadn't seen that flag/switch before. Can you also save a password for that 'bad ssl' domain?

– bshea
Jan 23 at 23:13













0














i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus



edit:




  • download iMacros chrome extension

  • install it

  • create chrome new tab

  • open i macros

  • then move To record section and press record

  • at new tab go to login page

  • fill your username and password

  • press login

  • then stop record and save page


and voila now you can play your recorded macro in bookmark section to login effortlessly






share|improve this answer





















  • 1





    Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

    – Glorfindel
    Feb 24 at 13:06
















0














i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus



edit:




  • download iMacros chrome extension

  • install it

  • create chrome new tab

  • open i macros

  • then move To record section and press record

  • at new tab go to login page

  • fill your username and password

  • press login

  • then stop record and save page


and voila now you can play your recorded macro in bookmark section to login effortlessly






share|improve this answer





















  • 1





    Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

    – Glorfindel
    Feb 24 at 13:06














0












0








0







i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus



edit:




  • download iMacros chrome extension

  • install it

  • create chrome new tab

  • open i macros

  • then move To record section and press record

  • at new tab go to login page

  • fill your username and password

  • press login

  • then stop record and save page


and voila now you can play your recorded macro in bookmark section to login effortlessly






share|improve this answer















i suggest you to use macro (iMacros) instead break the security default of chrome and that's better to protect you from virus



edit:




  • download iMacros chrome extension

  • install it

  • create chrome new tab

  • open i macros

  • then move To record section and press record

  • at new tab go to login page

  • fill your username and password

  • press login

  • then stop record and save page


and voila now you can play your recorded macro in bookmark section to login effortlessly







share|improve this answer














share|improve this answer



share|improve this answer








edited Feb 25 at 12:12

























answered Feb 24 at 12:46









rizky aprizky ap

11




11








  • 1





    Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

    – Glorfindel
    Feb 24 at 13:06














  • 1





    Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

    – Glorfindel
    Feb 24 at 13:06








1




1





Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

– Glorfindel
Feb 24 at 13:06





Welcome to Super User! Could you edit your answer to make it clear how it is answering the question?

– Glorfindel
Feb 24 at 13:06


















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1241132%2fchrome-password-saving-with-self-signed-or-broken-ssl%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Plaza Victoria

Puebla de Zaragoza

Musa