Understanding the Error
Self-signed certificates are not trusted by browsers for public websites.
Fix for Public Websites
Don't use self-signed certs on production. Get free certificate:
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d yourdomain.comFix for Internal/Development Use
If you must use self-signed for testing:
Option 1: Browser Exception
Click "Advanced" → "Proceed to site" (not for production).
Option 2: Add to Trust Store (Local Machine)
# Linux
sudo cp certificate.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
# Windows
Import .crt file to "Trusted Root Certification Authorities"Generate Proper Self-Signed Cert (for internal use)
openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout selfsigned.key -out selfsigned.crt
-subj "/CN=yourdomain.com"Create Your Own CA (for multiple internal sites)
# Generate CA
openssl genrsa -out myCA.key 2048
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 3650 -out myCA.pem
# Sign certs with your CA
# Then trust myCA.pem on all internal machines⚠️ Never use self-signed certs for public e-commerce or login pages.