I’m a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac’s root certificate store and have no security issues, but when I try and access the web app, I’m hit with “Warning: Potential Security Risk Ahead” and the error code is MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY

I really miss Firefox, particularly the multi-account containers feature. What do I need to do so that Firefox will trust my certificate for my local web app?

  • Jarvis2323
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Firefox has its own certificate store, and does not use the system one. So you have to import the cert into FF trusted store.

  • Mr_Figtree@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn’t allow that for certificates used as ‘end entity’ certificates. You’ll want to re-generate the certificate without the extension.

    • KiwiNFLFan@fedia.ioOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Looking at the certificate, it seems that yes, the certificate authority is set to ‘yes’. So the certificate needs to be regenerated?