this post was submitted on 14 Sep 2024
47 points (91.2% liked)
Firefox
18037 readers
337 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You can get rid of the certificate errors by adding your CA to Firefox. Just make sure you keep the private key secure.
Set
browser.fixup.fallback-to-https
tofalse
to stop Firefox from trying https if http doesn't work.worth repeating the KEEP YOUR PRIVATE KEY SECURE part if you’re trusting a root - if you trust a root, it may be able to issue a TRUSTED cert for other domains - mybank.com, etc and leave you open to attack
But honestly, you shouldn't need to do this, you can just use LetsEncrypt to get a real cert. Here's what I do:
Boom, you get all the benefits of a proper TLS setup, along with all of the benefits of local traffic. You can even turn off external access to the services between cert renewals.