Desktop Client error message when using self-signed certificate


#1

Hello Rocket.Chat community,

I’m running the Linux desktop client on my Ubuntu computer for a while now, and it’s great.

Recently, I also create a self-signed certificate for development purposes (using https://github.com/FiloSottile/mkcert in this case).

Now, the RC client presents me with an error message/modal dialog prompting me to trust my local certificate for an googleads.g.doubleclick.net URL (ERR_CERT_COMMON_NAME_INVALID).

It’s probably an issue I should ask the mkcert makers, but I wonder why the RC client would call a google ad URL anyway? Does anyone have a clue why this might happen at all?

Best regards,
Mattsches


#2

Short update: In the mkcert repo, it says:

Node does not use the system root store, so it won’t accept mkcert certificates automatically. Instead, you will have to set the NODE_EXTRA_CA_CERTS environment variable:

export NODE_EXTRA_CA_CERTS="$(mkcert -CAROOT)/rootCA.pem"

Tried this, but to no effect re the RC client.

Is there any other way to let the client know about the root cert? Couldn’t find anything in the docs (https://rocket.chat/docs/developer-guides/mobile-apps/supporting-ssl/ only applies to the server, right?)

Regards
Mattsches


#3

After updating and restarting everything, this problem does not occur anymore.