mkcert
mkcert copied to clipboard
FiloSottile
`mkcert -install` fails to install for Firefox on macOS
I am attempting to test rustls usage in actix-web with this example. It recommended I use mkcert to set up a local CA.
It looks like mkcert was able to install it at the system level, but it gets errors when trying to install it for Firefox:
$ mkcert -install
The local CA is now installed in the system trust store! ⚡️
Installing in Firefox failed. Please report the issue with details about your environment at https://github.com/FiloSottile/mkcert/issues/new 👎
Note that if you never started Firefox, you need to do that at least once.
I have started Firefox before. The error occurs regardless of whether Firefox is started. The server can be started and accessed with curl -k, however Firefox returns SEC_ERROR_UNKNOWN_ISSUER and Chrome returns NET::ERR_CERT_AUTHORITY_INVALID.
System information:
- macOS 10.13.6
- Firefox 84.0.1 (64-bit)
- mkcert 1.4.3 (installed with
brew install --build-from-source)
Hey I just manually imported the .pem file to Firefox Browser and it worked.
I get an error when it tries to run certutil -- most likely because of the space in the profile path. Since it does an exec.Command of certutil with a constructed command line, the space in the profile path would need to be escaped or something.
└─$ mkcert -install Sudo password: The local CA is now installed in the system trust store! ⚡️ ERROR: failed to execute "certutil -A -d sql:/Users/jscardelis/Library/Application Support/Firefox/Profiles/2paahz91.default": exit status 255
certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.
Hey I just manually imported the .pem file to Firefox Browser and it worked.
How do you do that?
Hey I just manually imported the .pem file to Firefox Browser and it worked.
How do you do that?
Settings -> Privacy & Security -> View Certificates (Under Certificates section) -> click on Authorities tab -> Click on Import and select .pem file that's it (restart Firefox)