Skip to content

Issue with new SHA256 certificates on Windows #648

Description

@thrandre

I'm submitting a bug report

webpack and webpack-dev-server version:
webpack: 2.1.0.beta-25
webpack-dev-server: 2.1.0-beta8

Please tell us about your environment:
Windows 10
Running server via CLI (https enabled)

Config:

    devServer: {
        publicPath: "http://localhost:8080/assets/",
        https: true,
        inline: true,
        contentBase: "https://localhost:44392"
    }

Current behavior:
New SHA256 certificates are reported as being invalid (The signature of the certificate cannot be verified.) on Windows 10. Browsers refuse to connect.

** Result after verification by certutil **

Issuer:
    CN=localhost
    O=webpack
    S=Some-State
    C=US
  Name Hash(sha1): c09e932a57991f558ce9c1356054b21339ebeea8
  Name Hash(md5): d385876d7cf158cfc6e6bacc097efd90
Subject:
    CN=localhost
    O=webpack
    S=Some-State
    C=US
  Name Hash(sha1): c09e932a57991f558ce9c1356054b21339ebeea8
  Name Hash(md5): d385876d7cf158cfc6e6bacc097efd90
Cert Serial Number: 8dca6301d73b9c66

dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_BASE
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_SIGNATURE_VALID (0x8)
ChainContext.dwErrorStatus = CERT_TRUST_IS_UNTRUSTED_ROOT (0x20)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_SIGNATURE_VALID (0x8)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_UNTRUSTED_ROOT (0x20)

CertContext[0][0]: dwInfoStatus=c dwErrorStatus=28
  Issuer: CN=localhost, O=webpack, S=Some-State, C=US
  NotBefore: 27.08.2016 17.31
  NotAfter: 09.01.2018 17.31
  Subject: CN=localhost, O=webpack, S=Some-State, C=US
  Serial: 8dca6301d73b9c66
  Cert: 5117f06a1d761f80eabb34f7385e3d86721effed
  Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
  Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
  Element.dwErrorStatus = CERT_TRUST_IS_NOT_SIGNATURE_VALID (0x8)
  Element.dwErrorStatus = CERT_TRUST_IS_UNTRUSTED_ROOT (0x20)

Exclude leaf cert:
  Chain: da39a3ee5e6b4b0d3255bfef95601890afd80709
Full chain:
  Chain: 5117f06a1d761f80eabb34f7385e3d86721effed
  Issuer: CN=localhost, O=webpack, S=Some-State, C=US
  NotBefore: 27.08.2016 17.31
  NotAfter: 09.01.2018 17.31
  Subject: CN=localhost, O=webpack, S=Some-State, C=US
  Serial: 8dca6301d73b9c66
  Cert: 5117f06a1d761f80eabb34f7385e3d86721effed
The signature of the certificate cannot be verified. 0x80096004 (-2146869244 TRUST_E_CERT_SIGNATURE)
------------------------------------
CertUtil: -verify command FAILED: 0x80096004 (-2146869244 TRUST_E_CERT_SIGNATURE)
CertUtil: The signature of the certificate cannot be verified.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions