Skip to content

Instantly share code, notes, and snippets.

@IngussNeilands
Created September 13, 2017 08:30
Show Gist options
  • Save IngussNeilands/3bbbb7d78954c85e2e988cf3bfec7caa to your computer and use it in GitHub Desktop.
Save IngussNeilands/3bbbb7d78954c85e2e988cf3bfec7caa to your computer and use it in GitHub Desktop.
If you are using Google Chrome and Client SSL Cert and you are tired of constantly selecting certificates, try this:
1. Download and extract Chrome policy templates from here: http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
2. Start the Local Group Policy Editor: Start > Run > gpedit.msc > OK
3. Right-click on Computer Policy > Computer Configuration > Administrative Templates and choose Add/Remove Templates…
4. Click Add…, choose policy_templates\windows\adm\en-US\chrome.adm (from the already downloaded and extracted policy templates) and click Open (Note: if your Windows language is different from en-US choose the chrome.adm from the respective language folder)
5. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Classic Administrative Templates (ADM) > Google > Google Chrome > Content Settings
6. Double-click on Automatically select client certificates for these sites
7. Click Enabled
8. Click Show… in the Options pane
9. Consecutively add the following lines:
{"pattern":"https://[*.]example.com","filter":{"ISSUER":{"CN":"example.com"}}}
10. Click OK
11. Re-launch Chrome
12. Done. No more annoying pop-ups!
If you’re on a Mac you’ll have to create/edit file /Library/Preferences/com.google.Chrome.plist and insert the following code (extend it for more server addresses):
<plist version="1.0″>
<dict>
<key>AutoSelectCertificateForUrls</key>
<array>
<string>{"pattern":"[*.]example.corp","filter":{"ISSUER":{"CN":"example.com"}}}</string>
</array>
</dict>
</plist>
@DemianTinkiel
Copy link

can this be done for mobile version of chrome?

@Yrlish
Copy link

Yrlish commented May 10, 2019

@DemianTinkiel AutoSelectCertificateForUrls only works for Google Chrome on Linux, Mac and Windows and Google Chrome OS. See http://www.chromium.org/administrators/policy-list-3#AutoSelectCertificateForUrls

@DemianTinkiel
Copy link

Thanks for the reply. Yeah I had seen it, but I found it confusing given that in the examples of they say Android/Linux and the rules around auto select explicitly state android support

@dmreda
Copy link

dmreda commented Jul 11, 2019

Does this technique apply to the case with multiple profiles EACH with its own certificate? For example, ChromeProfileA uses certA.p12 to access a webstite, but ChromeProfileB uses certB.p12 to access that same web site. Creating the filter for the web site is not a problem, but selected the certificate based on the user profile seems to be missing.

Please point me to a FAQ if this has already been addressed, I've looked but can't find anything relevant.

Thanks!
Dennis

@first-in-first-out
Copy link

Thank you so much!

@ataraxus
Copy link

@DemianTinkiel did you found a way to prevent this dialog? i have the exact same use case and are a bit annoyed that this is not supported on android..

@LorenzoErgondata
Copy link

Thank you very MUCH!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment