Self-Signed Certificate with HSTS Site and ZAP with Chrome

twitter logo github logo ・1 min read

If you happen to have problems with OWASP ZAP using Chrome and visiting a site that supports HSTS in Windows? Just follow theses steps:

  1. Enable unsafe renegotiation in ZAP
  2. Install Java Cryptography Extension (JCE) for your Java version. Here is the link for Java 8

    • Download and unzip the file.
    • Extract jce\local_policy.jar and jce\US_export_policy.jar from the archive to the folder %JAVA_HOME%\jre\lib\security, overwriting the files already present in the directory.
  3. Disable security in Chrome options.

    • Go to chrome://settings
    • Click on Protect you and your device from dangerous sites to disable it.
twitter logo DISCUSS
Classic DEV Post from Apr 18

There's More Than One Way to Become a Developer

An overview of the pros and cons of the different education options to become a developer

GaMa profile image
Dev, Infosec

👋 Hey dev.to visitor

dev.to is home to thousands of developers writing helpful posts like this one.

It's a great coding community and it's 100% open source.

Sign up now ❤️