2y ago

How to make Firefox trust a self-signed certificate?

I'm a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac's root certificate store and have no security issues, but when I try and access the web app, I'm hit with "Warning: Potential Security Risk Ahead" and the error code is MOZILLAPKIXERRORCACERTUSEDASENDENTITY

I really miss Firefox, particularly the multi-account containers feature. What do I need to do so that Firefox will trust my certificate for my local web app?

2 comments

Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn't allow that for certificates used as ‘end entity’ certificates. You'll want to re-generate the certificate without the extension.
- Looking at the certificate, it seems that yes, the certificate authority is set to 'yes'. So the certificate needs to be regenerated?