How to add self-signed certificates to the certificate store on Ubuntu Linux 12.04 to remove security warnings in Google Chrome
I use self-signed certificates for my websites and I finally found the security warnings in Google Chrome (Chromium) annoying enough that I decided to do something about it. When you’re accessing your sites many times a day, that extra step of clicking “continue” adds up. The solution is to add the certificate and make it “trusted” in the certificate store that Google Chrome uses.
On Windows, this is very easy to do. You simply export the certificate, double-click on it, and install it in the Trusted Root Certification Authority store.
Google Chrome/Chromium uses the NSS Shared DB and we have to download a tool and use command line to manage it.
First Step: Install the tools for managing the certificates
You may already have this installed, but in case you don’t:
sudo apt-get install libnss3-tools<br>
Second Step: Export the certificate to a file add add it to the store as a trusted root CA certificate
certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n <certificate nickname> -i <certificate filename>
Example:
certutil -d sql:$HOME/.pki/nssdb -A -t "C,," –n * –i *.calazan.com /home/jc/Downloads/calazancom.cer
Close and re-open your Google Chrome browser and go back to your website. The certificate should now be trusted.
Other useful commands:
To view a list of all the certificates in the store:
certutil -d sql:$HOME/.pki/nssdb –L
To display the details of a certificate:
certutil -d sql:$HOME/.pki/nssdb -L -n <certificate nickname>