Cant confirm cert on custom host with dev domain

[grindpride]

OS: Windows 11

vite --https --host any-custom-host.dev --port 443 --mode multi --strictPort

vite.config.ts

export default defineConfig({
  server: { https: true },
  plugins: [vue(), basicSsl()],
  preview: {
    https: true
  }
})

there is no cert confirm button in chrome and firefox

host with ru domain works well

vite-plugin-mkcert works well with .dev domain

[bluwy]

Actually this is indeed about the .dev domain specifically as browsers have different hardcoded handling for it, but I'm not sure what we need to do to fix it.

[sapphi-red]

.dev is included in the HSTS preload list (chromium's one) and it seems browsers require a certificate trusted by the machine for those domains.
https://stackoverflow.com/a/49505444

mkcert works because it installs a local CA to the machine, which will make the self-signed cert "trusted". This means you (and your browser) will "trust" any certs created by that local CA. This requires you to keep the local CA key safe (or delete it).