The commonly suggested wisdom for local development environments with HTTPS is to use a self-created Root CA and use certificates issued from that CA. However, Chrome requires Certificate Transparancy since about a year now, with a warning for sites that don't have their certificate logged. How does this interact with self-created CAs and certificates issued from that CA that obviously aren't logged in CT logs? And if it shows a warning, is there a way to avoid it?
Asked
Active
Viewed 118 times
1 Answers
2
From Announcement: Requiring Certificate Transparency ...:
This past week at the 39th meeting of the CA/Browser Forum, the Chrome team announced plans that publicly trusted website certificates issued in October 2017 or later will be expected to comply with Chrome’s Certificate Transparency policy in order to be trusted by Chrome.
Thus, the requirement for CT is only for certificates issued by public CA. CT is not required for certificates issued by private CA.
Steffen Ullrich
- 184,332
- 29
- 363
- 424