How to permanently add self-signed certificate in Firefox?
Solution 1
Easy URL to test: https://self-signed.badssl.com/
There are two ways:
-
toggle Firefox to set server certificates added as Lifetime Permanent by default
-
in
about:config
togglesecurity.certerrors.permanentOverride
totrue
-
add the exception as usual (as described by OP), it will have the Lifetime property set as Permanent
reference from mozilla ticket 1414753 for the opposite case, have them temporary, which OP wants to avoid:
You can set
security.certerrors.permanentOverride
to false now. -
-
or add the certificate manually like this
- go to Preferences -> Privacy & Security -> View Certificates
- choose Servers Tab and click Add Exception
- fill in the https URL (eg: https://self-signed.badssl.com/ ) and click Get Certificate
- ensure that
Permanently store this exception
is checked - click Confirm Security Exception
The
Permanently store this exception
is what gets automatically set or unset with the previous toggle. Here one can choose to check it or not.
Solution 2
The "permanently store this exception" option will be gray in private browsing mode.
Private browsing mode might be set to enabled automatically on startup in prefs.js
or user.js
It would look like this:
user_pref("browser.privatebrowsing.autostart",true);
Disabling this and starting in regular mode will allow you to check the box and follow the steps outlined by user A.B
Related videos on Youtube
Denis
Updated on September 18, 2022Comments
-
Denis over 1 year
When I go to the web interface of my home server Nextcloud via Firefox, I get the following message:
After I click
Accept the Risk and Continue
, and then the self-signed certificate of Nextcloud is automatically added to the Firefox browser. The added certificate is displayed in the Firefox Certificate Manager:Settings -> Privacy & Security -> Security -> Certificates -> View Certificates... -> Servers
:And everything works well until I closed the browser window. After closing the browser window, the certificate disappears.
The fact is that the
Lifetime
of the certificate in the second figure is displayed asTemporary
. I also included automated clearing browser history when closing.How to make so that this certificate is permanently kept in the browser (even when closing the browser window)?
P.S. I use Firefox 87 + Arch Linux.
Update:
I try to add the necessary certificate to
Security Exception
(the way proposedA.B
):- go to
Preferences -> Privacy & Security -> View Certificates
- choose
Servers Tab
and clickAdd Exception
- fill in the https URL (eg: https://self-signed.badssl.com/) and click
Get Certificate
After that, I get the following window, where option the
Permanently store this exception
is blocked:When I press the
Confirm Security Exception
, then the self-signed certificate is added to exception, only again with theTemporary
property (as on the second image).When I do it for URL
https://192.168.1.5:40443/
orhttps://self-signed.badssl.com/
the result is the same. - go to
-
Denis about 3 yearsThank you for your answer. In the first method, switching the setting
security.certerrors.permanentOverride
totrue
did not get the desired result (after closing the browser, the certificate disappears). In the second method, thePermanently store this exception
option is disabled (I wrote more about this in the update of my question). -
A.B about 3 yearsI'm afraid someone with the very same version of Firefox and OS should answer. It appears the feature is disabled on purpose on your system. Or there's an other option involved.
-
ATorras over 2 yearsKeep in mind: 1. The browser must be stopped before doing any change, and 2.
prefs.js
is sorted. -
ADJenks over 2 years@ATorras It's sorted? Like... alphabetically? Why? That's weird.
-
ATorras over 2 yearsYep! I think FFox will be smart enough to take care of unsorted data, but I haven't tested it.