Hi! :-) I am hosting a website with SSL access in a local network using a custom certificate. This naturally results in "This Connection is Untrusted" warnings etc., and … (read more)
I am hosting a website with SSL access in a local network using a custom certificate. This naturally results in "This Connection is Untrusted" warnings etc., and I can "Add permanent exception". But I need to avoid the warnings altogether and have Firefox fully trust the certificate. The reason being that I need to make full use of PWA features like "Add to home screen" popups etc., and it seems these dont work with security exceptions.
So, trying to add this certificate (certificate generation commands can be found @ https://android.stackexchange.com/a/70123/223946), in Android, I selected Settings "Security" -> "Install from storage" and put it inside the "Trusted credentials". (Also see screenshot – taken from https://cheapsslsecurity.com/blog/install-ssl-certificate-on-android/) It is now successfully listed under "USER".
But nothing changed. Firefox mobile (tried both version 68 and Preview/Fenix) still does not trust the website, even after reboot. In v68, I even toggled about:config security.enterprise_roots.enabled back and forth without success. I also tried to import a self-signed root CA instead and sign the webserver certificate with it, but there are still warnings. All I am seeing right now is SEC_ERROR_UNKNOWN_ISSUER. But it shouldnt be unknown?
Thanks so much. Phil