allow self-signed certificates

[matt-cook]

Follow up to #274 and #199 .

Possible to add a whitelist or similar function (similar to the Chrome warning page presented during browsing) to allow self-signed certs? Would be useful for shared testing servers, or intranet (or other limited access). Often proper CA certs are not an option in these situations.

[annevk]

You can already configure these with your browser, no? This is not an issue for the specification.

[flaki]

Hi @matt-cook!
You could disable certificate checks for development in Firefox already, and the Chrome team is working on similar helper tooling.

[matt-cook]

Bummer. We currently have a Chromebox-based local (intranet) installation we'd love to use ServiceWorker-based caching on (http://www.livsreise.org/map-your-journey/). Sounds like we'll need to wait until browsers can handle those permissions, or get a proper CA cert. Thanks guys.

[annevk]

I recommend figuring out certificates. You'll need them for a host of new features soon and generally it's better for your users.

[redochka]

@flaki thanks for the chrome's link. Chrome team fixed it now you can use:

./chrome --user-data-dir=/tmp/foo --unsafely-treat-insecure-origin-as-secure=http://your.insecure.site

See list of changes that pertain to Service Worker in Chrome 44: https://groups.google.com/a/chromium.org/forum/#!topic/service-worker-discuss/C9LHhAcz7mw

[75lb]

@matt-cook it's trivial to create a valid, self-signed certificate for local ServiceWorker projects - no need for openssl, verification or any 3rd party.. follow these steps.

[khiav223577]

@flaki thanks for the chrome's link. Chrome team fixed it now you can use:

./chrome --user-data-dir=/tmp/foo --unsafely-treat-insecure-origin-as-secure=http://your.insecure.site

Now you can type chrome://flags/#unsafely-treat-insecure-origin-as-secure in the address bar of your chrome to open the settings' page.