Can't trust site certificate to use https (Windows 10, Local 2.2.1)

So I have a problem as described in a title. When I create a new site with Local and I try to trust certificate under SSL tab, the system prompt is displayed that asks if I want to let this application to make changes on a computer but when I confirm this, the button never changes to “Trusted” - it remains grey and still says “Trust”. Of course in a browser, there is still no green padlock and chrome recognizes the site as unsecured (screen below).

Is it possible that it doesn’t work automatically because of a special character in my username (“C:\Users\Paweł\AppData.…”)? When this prompt I mentioned above appears it displays path to a certificate but with an invalid character in a place of “ł”, so maybe this is the reason? I was never able to achieve this green padlock, even with previous versions of Local. So, it’s just my theory - if it is caused by invalid special characters in a path to certificate and it won’t work automatically for now, then maybe I could do it manually somehow?

1 Like

Me too and I don’t have any special character in my name.

@paweltar @royrogers,

Can you both provide your local-by-flywheel.log files immediately after clicking the “Trust” button?

yes, sorry it took so long. Here is my log file from today.

Jan 6, 2018, 7:32 AM GMT+1 - info: [main/index] Existing Pressmatic data does not exist.
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/check-system] Check System: Docker Machine:  
{ stdout: 'Stopped\n', stderr: '' }
Jan 6, 2018, 7:32 AM GMT+1 - info: [renderer/CheckEnvPage] Check system promise response: 
[ undefined, 'machine-halted' ]
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] Checking Boot2Docker.iso hash
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] Boot2Docker.iso hash does not match!
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] Copying C:\Users\Paweł\AppData\Local\Programs\local-by-flywheel\resources\extraResources\virtual-machine\vendor\docker\boot2docker.iso to C:\Users\Paweł\.docker\machine\machines\local-by-flywheel\boot2docker.iso
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] Running  C:\Users\Paweł\AppData\Local\Programs\local-by-flywheel\resources\extraResources\virtual-machine\vendor\docker\windows\docker-machine.exe start local-by-flywheel
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] Starting "local-by-flywheel"...
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] (local-by-flywheel) Check network to re-create if needed...
Jan 6, 2018, 7:32 AM GMT+1 - info: [main/docker-machine] (local-by-flywheel) Waiting for an IP...
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] Machine "local-by-flywheel" was started.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] Waiting for SSH to be available...
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] Detecting the provisioner...
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] Started machines may have new IP addresses. You may need to re-run the `docker-machine env` command.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/set-docker-env] Getting Docker Machine env.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/set-docker-env] Received Docker Machine env. export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.92.100:2376"
export DOCKER_CERT_PATH="C:\Users\Paweł\.docker\machine\machines\local-by-flywheel"
export DOCKER_MACHINE_NAME="local-by-flywheel"
export COMPOSE_CONVERT_WINDOWS_PATHS="true"
# Run this command to configure your shell: 
# eval $("C:\Users\Paweł\AppData\Local\Programs\local-by-flywheel\resources\extraResources\virtual-machine\vendor\docker\windows\docker-machine.exe" env --shell bash local-by-flywheel)

Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] checking IP
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/set-docker-env] Getting Docker Machine env.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-machine] checked IP 192.168.92.100

Jan 6, 2018, 7:33 AM GMT+1 - info: [main/set-docker-env] Received Docker Machine env. export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.92.100:2376"
export DOCKER_CERT_PATH="C:\Users\Paweł\.docker\machine\machines\local-by-flywheel"
export DOCKER_MACHINE_NAME="local-by-flywheel"
export COMPOSE_CONVERT_WINDOWS_PATHS="true"
# Run this command to configure your shell: 
# eval $("C:\Users\Paweł\AppData\Local\Programs\local-by-flywheel\resources\extraResources\virtual-machine\vendor\docker\windows\docker-machine.exe" env --shell bash local-by-flywheel)

Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForMySQL] Querying MySQL
Jan 6, 2018, 7:33 AM GMT+1 - info: [environment/custom] Empty /etc/mysql
Jan 6, 2018, 7:33 AM GMT+1 - info: [environment/custom] Copying MySQL config to container prior to starting.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForFile] Waiting for  /conf/php/7.0.3/etc/php-fpm.conf 4eb2069db42f260cc19c73bec5acf525335ad3dbf20e64079c6cb55ba1fcc163
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] getRouterContainers()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] maybeCreateNetwork
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] reconnectNetwork()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] doesNetworkExist
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] teardown()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] Removing router container 499341ed5aa11109ff2ce45273bb5a67a3ef6bc1fa474c31d89d5a614a334932
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Network exists.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForFile] /conf/php/7.0.3/etc/php-fpm.conf exists
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForMySQL] Querying MySQL
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 64a0701a9af61139044c0081e8ff857e5cbe7b448c95ba688994727db48e853f.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected d59b997ecc599e1987f14478ce577f3507018c29fb1f9d72eb412192c9df0033.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 003377e38828fd29a3ea677565691c098e80d37713d33f7544969032cc485a3a.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected cdbb48bd74753b3954ab6897bf52d1481c6ebe229f56407513f8f583694d7dcc.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected f97bb99d66392c45b9ceeb1ebed081139d58beea37d04a6e2bd0b10754f38a1b.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 8fdb0aebd4370f650003dcf5ab355618ae59a047d5ab802ae8ab58919e9fd51e.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 112ebfad545df3283f22c944b4ede95770d007b00ccd2a4cf554fabc9654540b.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 52dff2b84f4c6377edebdf71b037907cdc8b255ecfe119069a2e09b79ed7ae6d.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] updateProxyManager()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] runContainer()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 4eb2069db42f260cc19c73bec5acf525335ad3dbf20e64079c6cb55ba1fcc163.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForMySQL] Querying MySQL
Jan 6, 2018, 7:33 AM GMT+1 - info: [environment/custom]  Starting php-fpm  done
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForMySQL] Querying MySQL
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/stopSite] Stopping site: running mydumper
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/backupDB] Running mydumper on BJhQ4Hj7f
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/stopSite] Stopping site: stopping container 4eb2069db42f260cc19c73bec5acf525335ad3dbf20e64079c6cb55ba1fcc163
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/waitForMySQL] Querying MySQL
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] getRouterContainers()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] maybeCreateNetwork
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] doesNetworkExist
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] reconnectNetwork()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] teardown()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Network exists.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] Removing router container 9702dfcd72f81a184986c7c03312854417c90406a8221f1ac0e4fa3ddb9c0606
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 52dff2b84f4c6377edebdf71b037907cdc8b255ecfe119069a2e09b79ed7ae6d.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 8fdb0aebd4370f650003dcf5ab355618ae59a047d5ab802ae8ab58919e9fd51e.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected cdbb48bd74753b3954ab6897bf52d1481c6ebe229f56407513f8f583694d7dcc.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 4eb2069db42f260cc19c73bec5acf525335ad3dbf20e64079c6cb55ba1fcc163.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 003377e38828fd29a3ea677565691c098e80d37713d33f7544969032cc485a3a.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected f97bb99d66392c45b9ceeb1ebed081139d58beea37d04a6e2bd0b10754f38a1b.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 64a0701a9af61139044c0081e8ff857e5cbe7b448c95ba688994727db48e853f.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected 112ebfad545df3283f22c944b4ede95770d007b00ccd2a4cf554fabc9654540b.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-network-manager] Connected d59b997ecc599e1987f14478ce577f3507018c29fb1f9d72eb412192c9df0033.
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] updateProxyManager()
Jan 6, 2018, 7:33 AM GMT+1 - info: [main/docker-router] runContainer()

I’m including whole log file as an attachment.local-by-flywheel.log (492.8 KB)

Thanks @paweltar! Unfortunately, I’m not seeing much there.

@paweltar @royrogers, can you try the following?

  1. Browse to %AppData%\Local by Flywheel\routes\certs and find the certificate you wish to trust.
  2. Open Cmd.exe as an Administrator
  3. Run certutil -addstore -f ROOT [DRAG AND DROP CERT IN HERE TO COPY PATH]

It should look something like:

certutil -addstore -f ROOT "C:\Users\xxx\AppData\Roaming\Local by Flywheel\routes\certs\some-site.dev.crt"

Thanks for the answer. This command line method doesn’t return any errors - it seems that it does what it should, however, the certificate is still recognized as untrusted by the browsers.

It is probably not very helpful but I made this gif to show how it generally looks like


This gif doesn’t show that after I click “Trust” button - the system prompt appears that asks for some permission like I described it in the first post. But when I confirm it - the button is still grey and there is no padlock in a browser.

In this certificate info window on a screenshot above it says at the bottom "Certificate state: “This certificate is valid”
On the other hand here it shows as invalid:
So it is confusing. I wonder what can be the reason. I would be happy to provide some additional data but I don’t know what would be useful.

I can add that the gif is recorded before I entered this command you suggested and the screenshots are taken after. But certificate is still untrusted.

@paweltar,

I really appreciate all of the details and the GIFs!

In order for Chrome on Windows to use the newly trusted certificate, you have restart Chrome. Please let me know if doing so helps.

Yes, it helps! Thanks a lot. Such an easy fix and I didn’t think about this

1 Like

Clay,

I had to clear all my chrome data (including media license and cloud host data) in order for it to work. It does now.