Self-Signed Certificate in Certificate Chain Error

There a few reasons you may be seeing this error, the two most common ones are:

  1. You are behind a “transparent proxy”, which means someone (such as your IT department) is intercepting HTTPS traffic, decrypting it, and then encrypting it using a self-signed certificate
  2. You are running software, such as anti-virus software, which is injecting a self-signed SSL certificates into the HTTPS messages you receive

When Storage Explorer encounters one of these “self-signed certificates”, it can no longer know if the HTTPS message it is receiving has been tampered with. If you have a copy of the self-signed certificate though, then you can tell Storage Explorer to trust it. If you are unsure of who is injecting the certificate, then you can try to find it yourself by doing the following:

  1. Install Open SSL
    • Windows (any of the light versions should suffice)
    • Mac and Linux: Should be included with your operating system
  2. Run Open SSL
    • Windows: Go to the install directory, then /bin/, then double click on openssl.exe
    • Mac and Linux: execute “openssl” from a terminal
  3. Execute s_client -showcerts -connect microsoft.com:443
  4. Look for self-signed certificates. If you’re unsure which are self-signed, then look for any where the subject (“s:”) and issuer (“i:”) are the same.
  5. Once you have found any self-signed certificates, then for each one, copy and paste everything from and including -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- to a new .cer file.

Open NotePad. Make sure, you are copying everything between —BEGIN CERTIFICATE— and —END CERTIFICATE— block. For example, if there are two certificates, then the file would be;

—BEGIN CERTIFICATE—

—END CERTIFICATE—

—BEGIN CERTIFICATE—

—END CERTIFICATE—

Save File as .cer on your computer.

  1. Open Storage Explorer and then go to Edit -> SSL Certificates -> Import Certificates. Using the file picker, find, select, and open the .cer files you created.

Resource;

https://github.com/CawaMS/StorageExplorerTroubleshootingGuide/blob/master/se-troubleshooting-guide.md#self-signed-certificate-in-certificate-chain

FavoriteLoadingAdd to favorites
Spread the love

Author: Shahzad Khan

Software developer / Architect