Stop repetetive "Accept Risk" for mkcert SSL certificate?
In my dev laptop I installed an SSL cert using mkcert. Works fine in all desktop browsers. They don't even prompt to accept the "risk" and continue. But in my Android phone on the same LAN (with the dev subdomain in dns) I get that prompt from both Chrome and Firefox. That would be acceptable, except Firefox prompts pretty much every time I return focus to the app. It gets annoying having to click two extra buttons (Advanced then Accept Risk and Continue) for every code change that needs to be tested in all browsers.
Is there any way to make Android Firefox permanently accept the cert or any other solution?
Izabrano rješenje
If they are accepted in the Android OS you will need to enable importing of Android custom certs/ca files into Firefox. You will need to follow the enable secret settings and then go into the settings -> Secret settings -> Use third party CA certificates
Pročitajte ovaj odgovor sa objašnjenjem 👍 1All Replies (9)
HI
What version number of Firefox for Android do you have installed on your Android device?
90.1.1
Do you have the certificate installed in Android on your device?
I suppose not. When I click on the lock in the address bar all it displays is:
Secure Connection Verified By: mkcert development CA
There is no option from there to install the cert, so how is that done?
LG Stylo 4 running Android 8
Hi
You will need to install the certificate through the Android Settings app.
Search the Android Settings app for "certificates" and "Install from SD card" to install the certificate.
I hope that this helps.
Installed mkcert root CA in Android Settings / General / Lock screen & security / Encryption & credentials / Install from storage
Installed cert for dev.mydomain.com
In Trusted credentials selected mkcert from the User tab then clicked TRUST
Restarted the phone
Firefox still does not trust dev.mydomain.com. :-(
Same routine again except for Wi-Fi instead of VPN & Apps
Firefox still does not trust dev.mydomain.com. :-(
I also converted .pem to .crt but still no joy.
Odabrano rješenje
If they are accepted in the Android OS you will need to enable importing of Android custom certs/ca files into Firefox. You will need to follow the enable secret settings and then go into the settings -> Secret settings -> Use third party CA certificates
Joy achieved! Thank you both! :-)