How to add an SSL certificate to Chrome's certificate list in Ubuntu

First of all, you can view Chrome's certificate store here: "Settings" / "Show advanced settings..." / "HTTP/SSL" / "Manage certificates..."
The server certificates (you import) will show up on the "Servers" tab.
You've to install the libnss3-tools package and use certutil to manage the certificate store. It's location is: $HOME/.pki/nssdb.

To list the certificates:
certutil -d sql:$HOME/.pki/nssdb -L

To add a PEM certificate:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n "some_nickname" -i some_certificate.pem

P.S.: note that the "sql:" prefix for the -d option is important ... if you omit it, you'll get an error (eg. "certutil: function failed: The certificate/key database is in an old, unsupported format.")

P.S.: the -t option's value consists of a series of flags. "P" should be used for self-signed certificates and "C" should be used for root (CA) certificates.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Thank you so much!

Thank you so much! Couldn't figure out that "sql" trick.

Syndicate content