I’m a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac’s root certificate store and have no security issues, but when I try and access the web app, I’m hit with “Warning: Potential Security Risk Ahead” and the error code is MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY
I really miss Firefox, particularly the multi-account containers feature. What do I need to do so that Firefox will trust my certificate for my local web app?
Does the certificate have a basic constraints extension with
CA:TRUEset? Firefox doesn’t allow that for certificates used as ‘end entity’ certificates. You’ll want to re-generate the certificate without the extension.Looking at the certificate, it seems that yes, the certificate authority is set to ‘yes’. So the certificate needs to be regenerated?