Installing a mkcert certificate into Tor Browser

Installation part 1

  • open about:config
  • click “I accept the risk!”
  • search for “security.nocertdb” in the box provided
    • if the “value” field says “default”/”true”, then double-click on it to make it “modified”/”false”
  • dismiss the about:config tab
  • IMPORTANT: NOW RESTART TOR BROWSER

Installation part 2

  • open Menu > TorBrowser > Preferences > Privacy & Security
  • scroll down to Security > Certificates
  • click “View Certificates”
  • select “Authorities” tab
  • click “Import”, select your “rootCA.pem” file, click “Open”
    • Popup: ensure that “Trust this CA to identify websites” is ticked/enabled
  • click “Ok”
  • check that “mkcert development CA” now appears in the list of authorities
  • navigate to the target URL

Uninstalling afterwards (IMPORTANT!)

  • open Menu > TorBrowser > Preferences > Privacy & Security
  • scroll down to Security > Certificates
  • click “View Certificates”
  • select “Authorities” tab
  • scroll down to “mkcert development CA” in the list of authorities
  • if it is folded/shut, click the triangle to open it / show the individual certificate
  • highlight “username@domain.name – Software Security Device”
  • click OK to confirm
  • click OK to dismiss the certificate panel
  • open about:config
  • click “I accept the risk!”
  • search for “security.nocertdb” in the box provided
    • if the “value” field says “modified”/”false”, double-click on it to make it “default”/”true”
  • dismiss the about:config tab
  • IMPORTANT: NOW RESTART TOR BROWSER

Leave a Reply

Your email address will not be published. Required fields are marked *