Differences

This shows you the differences between two versions of the page.

--- en:server:services:ssl [2023/01/24 20:50] – [SSL] added adguardhome#dns_rewrites dan
+++ en:server:services:ssl [2024/05/11 22:05] (current) – [Arch Linux] deleted sudo to be consistent with other tutorials dan
@@ Line 135: / Line 135: @@
 <code>
-sudo trust anchor --store rootCA.pem
+trust anchor --store rootCA.pem
 </code>
 ==== Android ====
+=== User trusted credentials ===
 ''Settings'' - ''Security'' - ''Encryption and credentials'' - ''Install a certificate''
@@ Line 147: / Line 149: @@
 ''Settings'' - ''Security'' - ''Trusted credentials'' - ''User''
+=== System trusted credentials ===
+If "User trusted credentials" is not enough and you need the certificate in the system, follow the next lines. However, this requires a rooted device:
+<code>
+hashed_name=`openssl x509 -inform PEM -subject_hash_old -in rootCA.pem | head -1` && cp rootCA.pem $hashed_name.0
+ls $hashed_name.0
+</code>
+<code>
+adb root
+adb shell mount -o rw,remount /
+adb push $hashed_name.0 /system/etc/security/cacerts/
+adb shell chmod 644 /system/etc/security/cacerts/$hashed_name.0
+adb shell chown root:root /system/etc/security/cacerts/$hashed_name.0
+adb shell reboot
+</code>
+You can also use the Magisk module [[https://github.com/NVISOsecurity/MagiskTrustUserCerts/releases|MagiskTrustUserCerts]] (Android 13) or [[https://github.com/nccgroup/ConscryptTrustUserCerts|ConscryptTrustUserCerts]] (Android 14) which does the same as above.
+=== Use third party CA certificates for firefox ===
+You might want to ''Use third party CA certificates'' for Firefox browser:
+  - Open your browser and scroll to the bottom and click About firefox/iceraven/mull ...
+  - Click several times on the logo and go back
+  - Click on secret settings and enable ''Use third party CA certificates''