Using Neowise with self-signed certificate on Safari

1 Introduction

Self-signed certificates are not recommended for production use. However, the may come in handy on the development systems. Browsers like Chrome or Firefox do not show problems when using Neowise or Priint:Suite with such a certificate. However, Safari tends to be more strict and blocks the secured websocket connections (wss), which will end up in the unsuccessful login attempt and a console error (WebSocket network error: OSStatus Error -9807: Invalid certificate chain) or even an endless loop. The easiest way to overcome this problem is to use other browser e.g. Chrome. For some system this may not be possible so this article describes a way to trust the certificate of the website and enable the websocket connection again in Safari.

2 Prerequisites

The information in this article refers to Priint:Suite and Neowise 4.1.9 and higher. The tested browser version is Safari 15.6.1 with MacOS Catalina.

3 Trusting self-signed certificate for wss websocket connection

At the beginning, you will be asked to accept the risk of connecting to a website with not-trusted certificate. Please choose "visit this website".

After accepting the risk, please click the lock button located in the address bar next to the address of your website. Drag and drop the certificate image to your desktop.

Drag and drop the certificate to the key chain.

Edit the rules for the certificate. From the drop-down choose "Always trust".

From now on you will be able to log into Neowise or Priint:Suite using Safari and the trusted certificate.

If the certificate changes, Safari may throw a message "Safari can’t open the page because Safari can’t establish a secure connection to the server server.name ". In such a case, delete the certificate and repeat the steps.