TO let chrome trust the cert, I should export the cert as PKCS#7 version , and use certmgr.msc to reimport the exported cert, and then chrome will trust the cert.
But the default cert expires too soon, and then my chrome will not trust before imported cert, and I will do that export and import again and agin.
So if the default cert will have a longer expire time and so chrome will trust the cert longer?
2. Error messages and/or full log output:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
After many tries, I can only make chrome trust the cert by export untrusted cert from chrome as PKS#7 format , and re import by certmgr.msc.
And if I import caddy root CA cert (located at pki/authorities/local/root.crt ) by certmgr.msc directly, the chrome can not trust it.
Since both the cert located at the system cert store, why the firstly re imported cert can trust by chrome, but directly imported cert can not trust by chrome ?
Most browsers now ship with their own trust store, so adding the cert to the system’s trust store is sometimes not enough to have browsers also trust it.