Update (2018.02.16): in recent Chrome for Linux versions (at least since 48.*, i.e. 2016 January ... I couldn't find an installer for older versions) you can manage SSL certificates using the GUI. Visit the chrome://settings/certificates screen and use the "Import" button on the proper tab.
First of all, you can view Chrome's certificate store here: "Settings" / "Show advanced settings..." / "HTTP/SSL" / "Manage certificates..."
The server certificates (you import) will show up on the "Servers" tab.
You've to install the
libnss3-tools
package and use
certutil
to manage the certificate store. It's location is:
$HOME/.pki/nssdb
.
To list the certificates:
certutil -d sql:$HOME/.pki/nssdb -L
To add a self-signed peer (i.e. not certificate authority) PEM certificate:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n "some_nickname" -i some_certificate.pem
To add a CA (root) PEM certificate:
certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n "some_nickname" -i some_CA_certificate.pem
P.S.: note that the "sql:" prefix for the
-d
option is important, if you omit it, you'll get an error (eg.
"certutil: function failed: The certificate/key database is in an old, unsupported format.")
Comments
Thank you so much!