小樱 发表于 2023/3/30 19:30

https网站服务器报错 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED 证书CT错误的解决办法

https网站服务器报错 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED 证书CT错误的解决办法

Chrome Policies
Chrome has gradually required Certificate Transparency for more and more publicly-trusted certificates over the past few years.

Since 1 January 2015, Chrome has required that all Extended Validation certificates be disclosed via Certificate Transparency. Certificates that were not properly disclosed would be stripped of their EV status, but no warnings would be shown to visitors to sites that did not comply.

Since 1 June 2016, Chrome has required that all new certificates issued by the set of root certificates owned by Symantec Corporation are disclosed via Certificate Transparency. Certificates that were not disclosed, or which were not disclosed in a way consistent with RFC 6962, would be rejected as untrusted.

For all new certificates issued after 30 April 2018, Chrome will require that the certificate be disclosed via Certificate Transparency. If a certificate is issued after this date and neither the certificate nor the site supports CT, then these certificates will be rejected as untrusted, and the connection will be blocked. In the case of a main page load, the user will see a full page certificate warning page, with the error code net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED. If you receive this error, this indicates that your CA has not taken steps to make sure your certificate supports CT, and you should contact your CA's sales or support team to ensure you can get a replacement certificate that works.

解决办法,换证书
https://chromium.googlesource.com/chromium/src/+/master/net/docs/certificate-transparency.md#Chrome-Policies

目前也只有apple大公司在用ct,如下
https://valid.apple.com/ct/log_list/current_log_list.json

意义不大,等于说就是A可能作假内部偷偷颁发证书,然后B去监督A,但是A可以颁发个不带ct的,B就不知道了,b是去中心化的,也就是不存在人为管控的情况,所以B监督A,B是绝对可受信任的

页: [1]
查看完整版本: https网站服务器报错 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED 证书CT错误的解决办法