GUI for certificate management - Frontend for certutil
-
To import trusted certificates Vivaldi relies on the tool certutil.
It would have been great if the Vivaldi settings included a gui to manage certificates, like a frontend to certutil. -
@marlinus That worked in the past with internal page
chrome://settings/security
, in section Manage Certificates. -
-
As shown in this thread
https://forum.vivaldi.net/topic/99724/importing-certificate-fails?_=1722177765535the
chrome://settings/security
page fails to import self signed certificates.@DoctorG showed me how to use the certutil for the purpose.
And even if chrome://settings/security had worked, linking to it from the settings -> privacy and security, or at least add a note to the settings dialog would have been very helpful.And as chrome://settings/security does not work (at least not for self signed certs) adding a chapter to settings -> privacy and security looking like below would be very helpful:
Manage Certificates
Certificates are managed through the url chrome://settings/security
If that url fails to manage your certificates you could try the certutil command line tool from the nsstools package.To import a trusted CA certificate for use with web and mail use the command:
certutil -d sql:$HOME/.pki/nssdb -A -t "C,C,c" -n "CA mydomain.net" -i CaCertFile.pemTo import a trusted server certificate for use with web and mail use the command:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,P," -n "server.mydomain.net" -i serverCertFile.pemTo list installed certificates run:
certutil -d sql:$HOME/.pki/nssdb -L
Just this text in the settings -> privacy and security would save hours for an user, and also save some time for the experienced forum helpers.
-
@marlinus said in GUI for certificate management - Frontend for certutil:
chrome://settings/security
page fails to import self signed certificates.Yes, Chromium core cause this.
It is advised to import certificates with the certificate manager of the used Operating System.
I fear Vivaldi devs will not program a extra certificate manager in Vivaldi. -
May I continue this thread?
I wonder if Vivaldi comes with any pre-set/pre-imported certificates or more correctly CA trust chains?
Of does it completely rely on CA from OS? -
@HectorB Chromium now comes with its own basic set of Root certificates (my guess is that they decided to do that after all the problems with "Is this device's OS root store able to connect to Let's Encrypt sites" as the original root expired), although it seem to also access system certs, for roots that are not in that set (and presumably have not been untrusted)