잘은 모르겠으나
Ubuntu chrome에서 방화벽을 경유하여 외부 사이트로 HTTPS 연결 시
chrome에서 SSL error를 보여주며 아래와 같이 연결을 중단 시킴.
아마도 방화벽에서 전달하는 인증서가 ubuntu에 등록되지 않아서 발생하는 것으로 판단하고 방법을 찾아서 해결함..
http://www.pocketables.com/2014/02/override-chromes-new-ssl-error-connect-real.html
아래와 같이 인증서 설치로 문제 해결..가능..
[인증서 설치 방법]
Adding SSL certificates to Google Chrome Linux (Ubuntu)
Peter van der Does - February 3, 2010
: http://blog.avirtualhome.com/adding-ssl-certificates-to-google-chrome-linux-ubuntu/
Google Chrome in Linux doesn’t have a SSL certificate manager, it relies on the NSS Shared DB. In order to add SSL certificates to the database you will have to use the command line. I will explain how you can add the CAcert certificates and a very easy way to add self-signed certificates.
You will have to install some tools first:
sudo apt-get install libnss3-tools
sudo apt-get install curl
Adding CAcert certificates
Lets start with adding the CAcert certificates, this will help with a lot of sites
curl -k -o "cacert-root.crt" "http://www.cacert.org/certs/root.crt"
curl -k -o "cacert-class3.crt" "http://www.cacert.org/certs/class3.crt"
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org" -i cacert-root.crt
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org Class 3" -i cacert-class3.crt
Adding self-signed certficates
There are certain sites that use self-signed certificates and you need to add them individually to the database and there are two options to do this:
마지막에 있는 command line 두줄 처럼 certutil을 사용하여 add 하면 됨.
sql:$HOME/.pki/nssdb 부분에서 절대 경로를 /home/xxxx 를 사용해보고
그래도 S E C_ERROR_BAD_DATABASE, bad database 에러 발생 하면
아래 처럼 DB init
http://serverfault.com/questions/414578/certutil-function-failed-security-library-bad-database
5
|
If it is new system, your certificate database might not be initialized. To fix this, perform:
|
댓글 없음:
댓글 쓰기