Linux Certificate Madness

Add local certificates to /usr/local/share/ca-certificates/

Run update-ca-certificates

Firefox fix

: More than one?

Example to add MY-PRIVATE-ROOT.crt as a certificate for firefox:

#!/bin/sh
FIREFOX_HOME=/usr/lib/firefox-esr
cat - <<EOF_FF_POLICY > $FIREFOX_HOME/distribution/policies.json 
{
"policies": {
  "Certificates": {
    "ImportEnterpriseRoots": true,
    "Install": [
               "MY-PRIVATE-ROOT.crt",
                "/usr/local/share/ca-certificates/MY-PRIVATE-ROOT.crt"
               ]
    }
  }
}
EOF_FF_POLICY

Electron Certificate User Fix

TODO: Global would be nice. . .

certutil -A -n "ROOT-CA" -t "TCu,Cu,Tu" -i /usr/share/ca-certificates/...the-cert... -d sql:/home/${USER}/.pki/nssdb

Table of Contents

Linux Certificate Madness

Firefox fix

Electron Certificate User Fix