There are a couple of different sites, which i log into on a regular basis which have there own self sign certificates. This isnt a bad thing but it does start to get annoying when you have to approve viewing the site every time you open up chome.
To stop this from happening here is how you install your CA certificate to chrome
- Install the following package to your machine
sudo apt-get install libnss3-tools
- Download the CA cert you wish to install (in this example cacert.crt is the CA cert in question)
- Run the following command
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Example CA Cert" -i cacert.crt
Note: “Example CA Cert” need to be the Certificate Name
job done
I have also found a useful script to automate adding machines in from the following site http://www.google.com/support/forum/p/Chrome/thread?tid=18ea33a150bbccd2&hl=en
#!/bin/sh
#
# usage: import-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
exec 6>&1
exec > $REMHOST
echo | openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "$REMHOST" -i $REMHOST
exec 1>&6 6>&-