Receiving `NET::ERR_CERT_AUTHORITY_INVALID` error with .app domain

I'm trying to make example.app work with my linode’s webserver but always receive the following error message:

Your connection is not private 
This server could not prove that it is *example*.app; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
NET::ERR_CERT_AUTHORITY_INVALID

1 Reply

It sounds like you’re running into trouble thanks to HSTS (HTTPS Strict Transport Security). As a security measure, HSTS forces browsers to always use https (instead of http) for your website. Since Google added the entire .app domain to an HSTS Preload List, you will need an SSL certificate for any .app site to be viewable.

For instructions on installing an SSL certificate on your site, check out this post or skip straight to our guide here.

For more detail on HSTS check out the Wikipedia entry.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct