How to install your own CA cert into Google Chrome

There are a couple of different sites, which i log into on a regular basis which have there own self sign certificates. This isnt a bad thing but it does start to get annoying when you have to approve viewing the site every time you open up chome.

To stop this from happening here is how you install your CA certificate to chrome

  1. Install the following package to your machine
    sudo apt-get install libnss3-tools
  1. Download the CA cert you wish to install (in this example cacert.crt is the CA cert in question)
  2. Run the following command
    certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Example CA Cert" -i cacert.crt

Note: “Example CA Cert” need to be the Certificate Name

job done

I have also found a useful script to automate adding machines in from the following site

    # usage: [port]
    exec 6>&1
    exec > $REMHOST
    echo | openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
    certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "$REMHOST" -i $REMHOST
    exec 1>&6 6>&-