.. Original article at http://text.maze.io/2009/12/30/add-cacert-root-certificates-to-chromium
_______
____________ _______ _\__ /_________ ___ _____
| _ _ \ _ | ____\ _ / | |/ _ \
| / / / / | | | /___/ _ | | / /
|___/___/ /___/____|________|___ | |_| |___|_____/
\__/ |___|
(c) 2009 Wijnand 'maze' Modderman - http://maze.io/
Add CACert Root Certificates to Chromium
========================================
I’ve recently begun using Chromium_ for most of my day-to-day browsing tasks. It recently gained
support for Adobe Flash and other plugins. I’ll be excited to when it picks up JavaScript debuggers as
well—then I’ll have little reason to use Firefox except for development. I’ve enjoyed watching the daily
builds go from a virtually a crash-on-click shell to the wonderfully quick tool I’m using right now to type
this post.
However, I’m a CACert_ user (and assurer!) and have several sites and/or utilities which rely on
CACert-issued free SSL certificates.
Chromium on Linux doesn’t have its own certificate management system, but instead uses
`Mozilla’s Network Security Services (NSS) Public Key Infrastructure (PKI) `_.
The `LinuxCertManagement `_
article on Chromium’s wiki gives some instructions on how to import certificates.
I’ve reproduced these instructions for Debian with some of my own additions below.
::
$ sudo apt-get install libnss3-tools
$ wget http://www.cacert.org/certs/root.crt
$ wget http://www.cacert.org/certs/class3.crt
$ certutil -d sql:$HOME/.pki/nssdb -A -t "TCu,Cu,Tuw" -n "CACert Class 1 Root Certificate" -i root.crt
$ certutil -d sql:$HOME/.pki/nssdb -A -t "TCu,Cu,Tuw" -n "CACert Class 3 Root Certificate" -i class3.crt
$ rm root.crt class3.crt
You’ll now be able to log in to sites using CACert SSL certificates without needing to click through the
red screen of hate.
.. _Chromium: http://code.google.com/chromium/
.. _CACert: http://www.cacert.org/