less than 1 minute read

In the past (before the introduction of the new design/engine/…), you were able to import Certificate Authority certificates without problems. The new version took that away, unfortunately.

After being fedup with getting warnings all the time for my home infrastructure (on which I use a custom CA with home-generated certificates), I finally found how to get this to work.

You’ll need a fairly new version of Firefox for Android for this to work.

In short:

  • Import your certificate into Android.
    You can do this via Settings → Security → Advanced → Encryption & credentials → Install a certificate on stock Android.
    Search in settings on ‘certificate’ and you should find it.
    You’ll have to copy the certificate file to your Android device, or download it somehow.

  • Tell Firefox to trust the system certificate store. Very convoluted way to do this:

    • Go to settings in Firefox
    • Tap on “About Firefox”
    • Tap on the logo seven times
    • Go back one menu, and now there’s a setting called “Secret Settings”
    • Enable the check for “Use third party CA certificates”

Why, Mozilla, why?!

Comments

You May Also Enjoy

SSH’ing to Unifi equipment with Fedora 37

1 minute read

Connecting to Unifi equipment (Switch 8/AP AC Pro) from Fedora37 fails out of the box with a very useful error Bad server host key: Invalid key length. This is because the dropbear used on these devices is woefully out of date, and still requires the use of ssh-rsa (with SHA1), which has been deprecated by OpenSSH in 2021,

Now using less external services!

less than 1 minute read

So back in 2019 I moved the site from WordPress to Jekyll (using Minimal Mistakes), and from Gandi to AWS Serverless.

Lenovo Thinkpad T14s Gen3 (AMD)

3 minute read

10 years ago I bought a Dell XPS13 L322x ultrabook as a replacement for my white Macbook 2,1. This week I replaced the Dell with something newer: a Lenovo Thinkpad T14s Gen3 (AMD).