How to disable Chrome’s ssl and hsts warnings

The modern Internet is full of nasty things, most users need protecting from themselves. Sometimes though, it’s important to be able to touch the sharp end of the Internet in order to fix it.

Chrome has this highly irritating way of saying “no, that website is dangerous, go away”. Some of these warnings you can click through, but if your site is configured to use HTTP Strict Transport Security or HSTS then you’re out of luck. There’s no way your browser is going to ignore a problem with the certificate.

For 99.9% of the people browsing the web, this is exactly what needs to happen. When you’re the 0.1% who needs to fix the broken website, it just gets in the way.

The SSL certificate on my Mastodon server expired due to complex and tedious NGINX proxy problems. Thing is, I couldn’t diagnose the problems because Chrome wouldn’t even send an HTTP request for me to look at in the logs.

Turns out you can temporarily disable this. If you type in thisisunsafe into the browser window then Chrome will take a chill pill and let you through. Hopefully you’re smart enough to realise this isn’t something to do habitually should Amazon or your bank’s website go wonky, but if it’s your website and you’re trying to fix a broken SSL certificate? Go for it.