I am certainly not one to accept a bad certificate without just cause. However, when you signed your own certificate I see no reason not to accept it for yourself. I ran into such a case recently.

In my last post I mentioned setting up my own ZNC bouncer for IRC. Part of that is a web GUI where you can configure some setting for your account. Well, when I made it, I just went with an auto-generated self signed certificate, but this caused me a bit of a problem later when I went to use it, even on the local machine. Firefox said that it was a bad TLS certificate and said that it wouldn’t accept it.

Firefox also gave no option to use it. I’m used to seeing something about adding an exception, but that apparently isn’t the way it’s done anymore. So, I had the opportunity to import it myself. From the Firefox error page, if you click view certificate, you can click the links to download it as a .pem file. Make sure you get the chain file, too.

Now just go to Firefox’s preferences, where you can search “certificate” in the search option, or go to Security and it should be half way down the page. Once there, you can “view certificates” and click on the people tab so you can import your self signed certificate.

It’s that simple, now you can visit that page and Firefox will not so much as raise an eyebrow to it. Okay, technically it does because it has a lock with a triangle warning over it, since you added an exception, but it still works just fine.

Linux – keep it simple.

Leave a Reply

Your email address will not be published. Required fields are marked *