Background

Late in 2021, Google announced that they were going to be disabling access to "insecure localhost" via https.

This means that self-signed certificates which had been working fine for years would stop working

They announced the roll out in 3 phases

Phase 1 - Console Warning

They began by warning when insecure access was being used. This would take the form of a warning in the javascript console. Sites and features using insecure localhost (self signed certs) would continue to work

Phase 2 - Soft Fail (with workaround)

Next they would implement failure  - where sites / services using insecure localhost would be  blocked with a refused connection. However, there is an option to go into Chrome settings and enable insecure localhost to continue working

To access this feature open Google Chrome to the the URL

chrome://flags/#allow-insecure-localhost

or MS Edge Chromium to the URL

edge://flags/#allow-insecure-localhost

And set the value to Enabled

This workaround needs to be applied by the browser user.. eventually, the workaround will be disabled by Chrome

It is our understanding that this requirement will be enforced starting in Google Chrome release 107

Phase 3 - Hard Fail (Refusal with no workaround)

Eventually the allow-insecure-localhost flag will be removed and there will be no option to enable it

WebCapture Service

The WebCapture service runs a small REST-ful service on the local machine - either per user or as a system service. It runs on 127.0.0.1 (localhost) and has both HTTP and HTTPS versions to allow it to function without warnings for HTTP and HTTPS sites

This service runs at

HTTP
http://127.0.0.1:23023/sessions

HTTPS
https://127.0.0.1:23024/sessions

If you have the WebCapture Service installed, you can "sanity check" if your Chrome / Edge is having an issue with it by hitting that URL

Success will respond with a simple JSON either Empty [] or with an array of integers [ 123456789, 987654321, etc... ] and there will be no security warning or issue with the certificate when served via the HTTPS link

If your run this on your machine and get any errors you may well have an affected version

Fix Provided (11.3.0.3.0.730 and later)

Starting in March 2022, Atalasoft WingScan (WebCapture) released version 11.3.0.3.0.730 which had a fix for this issue. We began to use a fully signed certificate which Google Chrome (and Edge Chromium) would accept as fully secure

Versions of Kofax WebCapture 11.3.0.3 or greater have addressed this issue.

You can Download 11.3.0.3.0.730 directly

Latest Version (11.4.0.3.0.311 as of October 18, 2022)

Atalasoft support strongly recommends moving to the very latest 11.4.0.3 (as of this article publication)

Atalasoft Download Page (where you can get the latest official release)

Temporary Workaround

As mentioned above, while in phase 2, it should still be possible to manually enable insecure mode by opening your browser to the appropriate settings page and setting the value enabled

To access this feature open Google Chrome to the the URL

chrome://flags/#allow-insecure-localhost

or MS Edge Chromium to the URL

edge://flags/#allow-insecure-localhost

This WILL STOP WORKING so this is a temporary fix - customers are urged to begin updating their version to a supported version before phase 3. We do not have dates on phase 3 but phase 2 begain on or around October 17, 2022

Other Possible (temporary) Workaround

If you are unable to update your version of WingScan to 11.3.0.3.0.730 or later and /or if the manual entering of the URLs by your end users is not possible due to settings lock down or other reasons, support may have a "nuclear option". In the case that the official fix and /or workarounds are not possible please open a support case with Atalasoft

Separate From Google Root Store Issue

Starting with the release of Google Chrome 105, Google has "soft launched" a new "root store"  - changing how they handle secure certificate signing. The issue described here in this article is separate and distinct from that issue.

Please ensure you are updating to the 11.3.0.3.0.730 or later if your users are experiencing issues with web capture suddenly failing on Chrome, but then if that does not address the issue then, also see:

FAQ:Changes to Google Root Store Causes WebCapture (WingScan) to Stop Working (Chrome 105 and Later)