Hi,
I can’t get local SSL to work. I’m getting ERR_CERT_AUTHORITY_INVALID in Chrome and MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT in Firefox. Everything else works as expected.
This is on Windows 10 Pro and DevKinsta 2.13.6
I Also have Local WP installed with SSL working without problems. So seems to be an issue with DevKinsta.
Any Ideas?
This workaround from Google Gemini worked:
Manually Import the Certificate
If DevKinsta fails to automate the process, you can do it manually by following these steps:
Locate the certificate file for your local site. It is typically found in: C:\Users\YourName\DevKinsta\ssl\
Look for the file named your-site.crt.
Double-click the file and select Install Certificate….
Choose Local Machine as the Store Location and click Next.
Select Place all certificates in the following store and click Browse.
Select Trusted Root Certification Authorities and click OK.
Complete the wizard by clicking Next and then Finish.
Restart Chrome completely (type chrome://restart in the address bar) to apply the changes.
So seems the certificates are ok. Just not imported correctly.
Any ideas as why DevKinsta can’t sort this?
Hi @Boser,
Welcome to the Kinsta Community forums! Thank you for reaching out to us on the forums!
I have been investigating into what could be causing this issue to occur. I do see on my end on a MacBook Pro that when I enable HTTPS support for a site in DevKinsta I am prompted to enter my administrator password so that the DevKinsta root certificate can be installed in the keychain.
I do see that this process is completing successfully. When using Safari as my browser I do see that when I visit my site the SSL certificate appears trusted and loads without issue.
However, on both Brave and Firefox the certificate is not trusted. It appears on my end that this is a browser related issue.
On Firefox if I navigate to the browser settings and then under the Privacy & Security settings if I toggle the “Allow Firefox Developer Edition to automatically trust third-party root certificates you install“ option it resolves the problem.
We are looking further into the issue regarding Brave/Chrome to see if a similar setting needs to be toggled, or enabled.
I see however that you already found a solution that worked for you. The process you outlined appears to install the site’s SSL certificate directly into the keychain. However, this certificate should automatically be trusted as the root DevKinsta certificate should already be installed.
To clarify, when you enabled HTTPS for your DevKinsta site were you prompted to enter your administrator password to install the DevKinsta root certificate?
We look forward to hearing from you!
Yes I was!
Just checked and after manual import SSL works in both Chrome and Firefox.
Installed Brave just now and works fine with DevKinsta sites with manually imported certificates.
Can’t tell for Firefox/Brave, but in Chrome, imported certificates from Windows are listed at “chrome://certificate-manager/localcerts/platformcerts”. The certificates I manually imported was not present before the import.
So in Windows, manual import gets Chrome/Firefox/Brave to work with SSL. Must be something with DevKinsta and Windows then?
Thank you for the update. I’m glad to hear that Brave is now working after manually importing the certificate.
From what I know, DevKinsta should automatically install its CA into the Windows trust store. If that process is interrupted or blocked or a setting whether by permissions, antivirus software, or system policies, the certificate won’t be properly added, which prevents browsers from recognizing it. I think that’s what happened here.
Otherwise, the workaround should work.