49
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 14 Sep 2024
49 points (91.5% liked)
Firefox
17951 readers
150 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
You can get rid of the certificate errors by adding your CA to Firefox. Just make sure you keep the private key secure.
Set
browser.fixup.fallback-to-https
tofalse
to stop Firefox from trying https if http doesn't work.worth repeating the KEEP YOUR PRIVATE KEY SECURE part if you’re trusting a root - if you trust a root, it may be able to issue a TRUSTED cert for other domains - mybank.com, etc and leave you open to attack
But honestly, you shouldn't need to do this, you can just use LetsEncrypt to get a real cert. Here's what I do:
Boom, you get all the benefits of a proper TLS setup, along with all of the benefits of local traffic. You can even turn off external access to the services between cert renewals.