Score:0

NET::ERR_CERT_AUTHORITY_INVALID error in Chrome but not in Firefox

jp flag

I'm using AWS and I have requested an ACM certificate. I used DNS validation to make it a valid cert. Now I've attached it to a private ALB.

The URL is private.

When I connect with my VPN and I can perform the following command:

curl -vvI https://mystuff.domain.cloud 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'

Output:

..*  SSL certificate verify ok.
..

When I visit the URL in Firefox everything is fine too and it's a valid cert. But when I visit the URL in Chrome I see the following error:

NET::ERR_CERT_AUTHORITY_INVALID

The Certificate is not valid is shown. When I click on that I see the Amazon Root CA 1 (valid), Amazon intermediate cert (valid) and mystuff.domain.cloud cert (valid). Everything seems valid there..

Does anyone have an idea what I'm doing wrong? I'm searching for hours and I don't get it. I also contacted AWS support but everything on cert and AWS side was fine.

yagmoth555 avatar
cn flag
Hi, does the error come from other computers too ? to isolate if it's a custom chrome settings, or a certificate imported inside the machine that was set that cause the error.
dave_thompson_085 avatar
jp flag
BTW a simpler way to select all lines from a pattern to EOF is `...| awk '/^\* SSL connection/,0'` or sed can do it `...| sed -n '/^\* SSL connection/,$p'`
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.