Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to programmatically "Add Exception" on "Servers" tab in Certificate Manager.

  • 1 cavab
  • 4 have this problem
  • 4 views
  • Last reply by cor-el

more options

I am using the NSS certutil.exe app command line to add a self-signed certificate to Firefox. Using the command line I'm able to get my certificate to show up in the Certificate Manager under the "Authorities" and "Others" tabs. I have even gotten it to show up in the "Servers" tab. However, when it does the "Server" column has a "*". When I navigate to my website I still get a certificate warning.

I noticed that when I manually add the exception the "Server" column says the name and port of my site. It seems to be different in other was too as the "Edit Trust" button seems to be permanently disabled.

So, how can I "Add Exception" using NSS tools? I'm able to get the cert installed in a way that doesn't work using this command:

certutil.exe -A -n "localhost" -t "P,P,P" -i "C:\<<Path to Cert dir>>\localhost.pem" -d "C:\Users\<<User>>\AppData\Roaming\mozilla\firefox\profiles\<<rand>>.default"

Am I just missing a command line option? Any help or ideas would be appreciated!

Thanks,

EV

I am using the NSS certutil.exe app command line to add a self-signed certificate to Firefox. Using the command line I'm able to get my certificate to show up in the Certificate Manager under the "Authorities" and "Others" tabs. I have even gotten it to show up in the "Servers" tab. However, when it does the "Server" column has a "*". When I navigate to my website I still get a certificate warning. I noticed that when I manually add the exception the "Server" column says the name and port of my site. It seems to be different in other was too as the "Edit Trust" button seems to be permanently disabled. So, how can I "Add Exception" using NSS tools? I'm able to get the cert installed in a way that doesn't work using this command: certutil.exe -A -n "localhost" -t "P,P,P" -i "C:\<<Path to Cert dir>>\localhost.pem" -d "C:\Users\<<User>>\AppData\Roaming\mozilla\firefox\profiles\<<rand>>.default" Am I just missing a command line option? Any help or ideas would be appreciated! Thanks, EV

All Replies (1)

more options

From https://developer.mozilla.org/en-US/docs/NSS/tools

If you have feedback or questions, please feel free to post to mozilla.dev.tech.crypto. This newsgroup is the preferred forum for all questions about NSS and NSS tools.