Yep. You apparently need HTTPS for intranet resources too, or you can't develop/use web-apps in Chrome, and since no self-respecting CA would certify your localhost, internal homegrown CA it is, baby — and given the web runs on the lovely model "any CA can attest any website; okay, maybe CAA is not a bad idea"...