设为首页收藏本站

ZMX - IT技术交流论坛 - 无限Perfect,追求梦想 - itzmx.com

 找回密码
 注册论坛

QQ登录

只需一步,快速开始

新浪微博账号登陆

只需一步,快速开始

用百度帐号登录

只需两步,快速登录

搜索
查看: 1111|回复: 0

https网站服务器报错 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED 证书CT错误的解决办法

[复制链接]
 成长值: 249

签到天数: 4708 天

[LV.Master]伴坛终老

发表于 2023/3/30 19:30 | 显示全部楼层 |阅读模式 |Google Chrome 111.0.0.0|Windows 10
天涯海角搜一下: 百度 谷歌 360 搜狗 有道 雅虎 必应 即刻
https网站服务器报错 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED 证书CT错误的解决办法

Chrome Policies
Chrome has gradually required Certificate Transparency for more and more publicly-trusted certificates over the past few years.

Since 1 January 2015, Chrome has required that all Extended Validation certificates be disclosed via Certificate Transparency. Certificates that were not properly disclosed would be stripped of their EV status, but no warnings would be shown to visitors to sites that did not comply.

Since 1 June 2016, Chrome has required that all new certificates issued by the set of root certificates owned by Symantec Corporation are disclosed via Certificate Transparency. Certificates that were not disclosed, or which were not disclosed in a way consistent with RFC 6962, would be rejected as untrusted.

For all new certificates issued after 30 April 2018, Chrome will require that the certificate be disclosed via Certificate Transparency. If a certificate is issued after this date and neither the certificate nor the site supports CT, then these certificates will be rejected as untrusted, and the connection will be blocked. In the case of a main page load, the user will see a full page certificate warning page, with the error code net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED. If you receive this error, this indicates that your CA has not taken steps to make sure your certificate supports CT, and you should contact your CA's sales or support team to ensure you can get a replacement certificate that works.

解决办法,换证书
https://chromium.googlesource.com/chromium/src/+/master/net/docs/certificate-transparency.md#Chrome-Policies

目前也只有apple大公司在用ct,如下
https://valid.apple.com/ct/log_list/current_log_list.json

意义不大,等于说就是A可能作假内部偷偷颁发证书,然后B去监督A,但是A可以颁发个不带ct的,B就不知道了,b是去中心化的,也就是不存在人为管控的情况,所以B监督A,B是绝对可受信任的

[发帖际遇]: 小樱 发帖时在路边捡到 3 樱币,偷偷放进了口袋. 幸运榜 / 衰神榜
欢迎光临IT技术交流论坛:http://bbs.itzmx.com/
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册论坛 新浪微博账号登陆用百度帐号登录

本版积分规则

手机版|Archiver|Mail me|网站地图|IT技术交流论坛 ( 闽ICP备13013206号-7 )

GMT+8, 2024/11/24 11:11 , Processed in 0.118189 second(s), 21 queries , MemCache On.

Powered by itzmx! X3.4

© 2011- sakura

快速回复 返回顶部 返回列表