I've recently updated Chrome to Version 58.0.3029.110 (64-bit). Since updating all of my development sites secured with valet are throwing a ⚠ Not Secure warning in the browser bar and I'm having to manually add exceptions for development sites.
Things I've tried.
valet forget site && valet link site && valet secure sitevalet stop && valet uninstall && valet installForgetting the site via valet command and recreating and securing it. worked as expected and does serve the site over http:// so I'm fairly confident nginx and dnsmasq are working together properly.
Uninstalling and Reinstalling valet before recreating the site links and securing them also hasn't had the desired result.
I'm a little bit stuck for ideas of what else to try. And it's not being reported as far as I can tell by other users of Valet so I'm guessing it's something localised to my machine.
With additional debugging insight gained from the comments (Thanks for the info)
It appears the certificate is for wordpress.dev but is being served for any-site.dev?
Attackers might be trying to steal your information from dash.reviews.dev (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
Subject: *.wordpress.dev
Issuer: *.wordpress.dev
Expires on: May 30, 2018
Current date: Jun 1, 2017
PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIC/DCCAeSgAwIBAgIJALNqUY/m3QBNMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV
BAMMDyoud29yZHByZXNzLmRldjAeFw0xNzA1MzAxMTE2MjZaFw0xODA1MzAxMTE2
MjZaMBoxGDAWBgNVBAMMDyoud29yZHByZXNzLmRldjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANrWsRS8opaiZn9VBLHCJFqhqe7ZzFCN4YZNKwV+rJMi
3STA3gJEUA8t+bLbLUaXjkUhiyq6TpJp6tKW6AY11iUDCjKCbE5CwOB3sIJAvy/G
w6O/ID3ViYMbqm9pJbnEmlHZP8cizBqfyZy8QZCIrAllc/CdfuxR7dCnXSaw+BkY
fzCUUwMO0O/TmhLEOnqugOkRCx6bNEyN2Jgu/Ll1gHedAZ3BZPifLPpt9tHdkiaU
qdhUQR2s0zig7Pg5NqH7V90q3rRTSWwc2fnu7MxtNyHnjD5kKairmFR+4IEFTHaa
6nODNviwjcV+GaMWwHB/qlLkDceSaM/EH/dDu7lpSD0CAwEAAaNFMEMwCQYDVR0T
BAIwADALBgNVHQ8EBAMCBeAwKQYDVR0RBCIwIIINd29yZHByZXNzLmRldoIPKi53
b3JkcHJlc3MuZGV2MA0GCSqGSIb3DQEBCwUAA4IBAQC/sEY14ES/6A8uIoqUGj1S
f0PHY1atc6XJrvs28+HMRlCS/xEGdeZpGV4F4/XYWJWKqVp0MsKzLUGjMOvvwH53
TtnW88HFQMecjAeSg1k2jT/ZBgFwUhTV1PA5XA00jBMH8oIcTYy0vm+MjCNalRDW
sfsIl91pR8MtFlEp0TV+MbewG4ak8bHzaN0vcO4gMYlUTaq3LmgfYWsdUhIKk3ZE
/pLH3gVmQitPZXTiwKA83msbDGlDBimE3n8QCcJIVBZJf6tOvE3eemBMIbNoucb3
25/7FQw8WwV7Nzo1HF7jLsLYNB49OriDrOW9hk2qUfOzbsdq8UUcFitdAvXzfjCs
-----END CERTIFICATE-----
I've used valet forget wordpress and manually removed wordpress symlink as this didn't seem to do anything but suspect the nginx config needs to be rewritten and am not sure where / how to do this or why I should need to if valet is working correctly?
So valet forget only works with parked directories
I'm using valet link and having removed the symlinks the residual conf files were still in place.
Even after valet uninstall it didn't remove ~/.valet which was full of old site certificates.
I'm guessing there was some conflict in which one to serve and the one it chose was invalid for the current domain.
About to do a full removal and reinstall all the dependencies in the hope that sorts things. If it does I'll accept this answer, if not I'll update.
Valet does not uninstall / re-install well at all.