DEV Community

Cover image for Firefox: Installing Self-Signed certificate on Ubuntu
Lorenzo Millucci
Lorenzo Millucci

Posted on • Updated on

Firefox: Installing Self-Signed certificate on Ubuntu

While developing webapps you may need to use HTTPS to match production environment.
For local purposes you may not need a real certificate and a self-signed SSL certificate could be enough.

A self-signed certificate is a SSL certificate which is not signed by any of the recognized certification authorities.

If you want you can create your self-signed certificate in 2 minutes

Browsers do not trust self-signed certificate by default and display an error message that warns the user that the site you are connecting to does not have a recognized certificate and that this could be a potential security risk.

For local development these warnings could be pretty annoying so you may want to ensure that your browser recognizes your certificate as valid.

Let's see how to add a self-signed certificate to Firefox!

Finding Firefox profile folder

All the customizations you make in Firefox are stored in a special folder called profile.
To add a certificate the first thing to do is to find out where your proile is stored. You can find it simply by typing about:profiles in Firefox’s address bar, and then press Enter.

Alt Text

The folder you are looking for is the one with label Root Directory.
For example my profile is stored at /home/lorenzo/.mozilla/firefox/57w4ghfg.default-1394286602246-1560669052441

Installing the certificate

To install the certificate you have to ensure that certutil is installed on your system.

In case it is missing you can install it with:

sudo apt install libnss3-tools

Now you are ready to add the certificate:

certutil -A -n "<CERT_NICKNAME>" -t "TC,," -i <PATH_FILE_CRT> -d sql:<FIREFOX_PROFILE_PATH>


  • CERT_NICKNAME: is an alias for the certificate
  • PATH_FILE_CRT: is the path of the certificate you want to add
  • FIREFOX_PROFILE_PATH: is the path where your Firefox profile is stored

NOTE: if you want to know what trustargs are you can read the documentation.

For example to add the certificate on my PC I have to use:

certutil -A -n "slope" -t "TC,," -i ~/Downloads/slope.crt -d sql:/home/lorenzo/.mozilla/firefox/57w4ghfg.default-1394286602246-1560669052441 

NOTE: after you installed the certificate you have to restart Firefox for these changes to take effect.

Displaying installed certificates

To ensure that the certificate is added correctly you can display all the installed certificates using:

 certutil -d sql:<FIREFOX_PROFILE_PATH> -L      

Removing a certificate

If you need to remove an installed certificate you can do it with:

certutil  -D -n "<CERT_NICKNAME>"  -d sql:<FIREFOX_PROFILE_PATH>  

And voila! You're all done, ready and up and running!

Feel free to reach out to me! Blog (in italian) || Twitter || GitHub || LinkedIn

Top comments (2)

sportluffi profile image

This will also work on RHEL-flavoured Linux - tested on Fedora 31. Thank you!

helpdeskdan profile image

Finally, a clear concise guide on how to add certs to Firefox. (A process that was once easy) You, good sir, have my thanks!