If your organization is like most, they will have sites that use a self-signed (or untrusted authority) certificate.
In cryptography and computer security, a self-signed certificate is an identity certificate that is signed by the same entity whose identity it certifies. This term has nothing to do with the identity of the person or organization that actually performed the signing procedure. In technical terms a self-signed certificate is one signed with its own private key.
The reason Chrome doesn’t trust this by default is that it has no way to verify that the certificate is being sent by the server that generated the key, and therefore can’t ensure that the server actually is the one that the certificate claims it is.
So when you go to the site, you get the scary looking screen that warns you that your connection might not actually be secure (because self-signed certificates are more vulnerable to a man-in-the-middle attack).
To get past this error, you can click the little “Advanced” link, to again be warned about the error, and then click the scary link that allows you to proceed to the unsafe site:
Along with the warning (and the whole time you are on this unsafe site), you’ll also see the crossed out lock icon, and the https will be red and struck through
Click on the “Certificate Information” link, and you’ll see something like this:
Now comes the less than intuitive part: Grab the certificate image and drag it to your desktop (or if you have keychain open you can just drag it there):
If you placed the certificate on your desktop, double click it to start the import process, and be sure to set it as “System” on the keychain drop down:
You’ll then get prompted for your password, and keychain should open asking you if you want to trust the certificate:
To complete the import just click the “Always Trust” button. If they’ve created the certificate for SSL, that would be all you need to do. However most of the time it’s just a simple X.509 certificate, which means you have to tell your machine to trust it for SSL.
So from keychain, reopen the certificate, Expand the Trust section, and change the SSL setting to “Always Trust”
Close the dialog to save the changes (you’ll be prompted for your password again), and that’s it. If you refresh the browser window you should see the happy green lock:
If you don’t see the green lock, just restart Chrome (which you can do by typing “chrome://restart” into the address bar).