Allow SHA-1 Certificates on Chrome 57 and higher for Mac

My company’s self-signed certificate that is used for some web filtering of HTTPS traffic is signed with SHA-1. Starting with Chrome 57, that means anything that is resigned using that certificate will fail to load without the workaround of typing “badidea” at the warning page ever time a page loads.

Here’s a better workaround.

  1. Quit Google Chrome
  2. Open Terminal
  3. Type the following two commands and hit enter after each one:

    defaults write com.google.Chrome EnableCommonNameFallbackForLocalAnchors -bool true

    defaults write com.google.Chrome EnableCommonNameFallbackForLocalAnchors -bool true

  4. Open Google Chrome

Of course, the best solution would be for me to get them to resign the certificate with something more secure than SHA-1.