Wondering why your internal .dev web app has stopped working?

Found on The Register on Thursday, 30 November 2017

Rather than connecting to private stuff on an internal .dev domain to pick up where they left off, a number of engineers and sysadmins are facing an error message in their web browser complaining it is "unable to provide a secure connection."

Chrome forces connections to all domains ending in .dev (as well as .foo) to use HTTPS via a HTTP Strict Transport Security (HSTS) header. This is part of Google's larger and welcome push for HTTPS to be used everywhere for greater security.

In another commit, Google renames Chrome to GTNB: Google's Nanny Telemetry Browser. Yes, security is important, but you don't mess with your user's setups. It's main use is on internal testing systems, and if you need the security of HTTPS on your Intranet, then your security problems are somewhere else, and much bigger than you thought.

Browse all articles« Previous « » Next »