Description

When a Sitecore XP 10.0, 10.1, or 10.2 user logs in to development Docker deployment in Chromium-based browsers using default hostnames with the "localhost" subdomain, the browser might return the following error:

ERR_CONNECTION_REFUSED

The root cause of the issue is that Google Chrome version 132 introduced the following change:

ignore Strict-Transport-Security headers on responses from localhost URLs

This results in a failure to redirect from HTTP to HTTPS, with HTTP 307 Internal Redirect.

For example, it affects the default hostname with the "localhost" subdomain for Sitecore XM topology like:

• https://xm1cm.localhost
• https://xm1id.localhost

Solution

To resolve this issue, consider the following steps:

1. Replace the "localhost" hostname in the .env file with something different. For example, change your "localhost" subdomain to "mydevdomain" for the previous Sitecore XM topology:
   
   • CM_HOST=xm1cm.mydevdomain
2. Generate new certificates for the site:
   
   • For Sitecore 10.0, 10.1, proceed as specified in 3.3. Generate TLS/SSL certificates for reverse proxy section of Installation Guide for a Developer Workstation with Containers.
   • For Sitecore 10.2, use the compose-init.ps1 script mentioned in 1.3.3. Run script to prepare for deployment section of Installation Guide for Developer Workstation with Containers.

Refer to KB1000586 for more details on the issue in Mozilla Firefox.