When a website displays an error in the SSL certificate when starting an HTTP VNC session, Firefox displays a warning interface.
To avoid this error, follow the steps below to import the certificate correctly:
1. Download the RSA Key of the Certificate
Obtain the SSL certificate of the website being accessed using the command:
openssl s_client -showcerts -servername <URL> -connect <URL:PORT> < /dev/null
Replace <URL> and <URL:PORT> with the website address and the corresponding port.
- Example:
2. Save the Root Certificate
In the output of the above command, locate and copy the last certificate displayed (root certificate). Then, save it in a file with the extension .crt in the directory:
/usr/share/ca-certificates/mozilla
To create and edit the file, use:
vim /usr/share/ca-certificates/mozilla/<certificate>.crt
- Example:
3. Add the Certificate to the Configuration File
Include the certificate path in the system configuration file:
echo "mozilla/<certificate>.crt" >> /etc/ca-certificates.conf
- Example:
4. Update the Certificates
Run the command below to apply the changes and update the system certificates:
update-ca-certificates
5. Restart the HTTP VNC Session
After finishing the process, start a new session.
6. Validate the Import
To confirm that the certificate was imported correctly, check the file:
vim /etc/ssl/certs/ca-certificates.crt
With these steps, the SSL error in Firefox when starting an HTTP VNC session will be avoided, ensuring that the connection occurs without interference caused by unrecognized certificates.