Firefox Allow Self Signed Certificate

Firefox is no longer accepting my self signed SSL certificate on .dev domains, which I use for local development. I started seeing this error message: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT. To get around this error, you usually can tell the browser add an exception to allow the certificate. But it appears the latest version of Firefox is not allowing the user to trust the certificate. 

Here are the steps to allow a self-signed certificate.

  1. Browse to about:config
  2. Search for “network.stricttransportsecurity.preloadlist”.
  3. Set it to false.

Now you should be able to add an exception for the self-signed certificate to Firefox.

Disclaimer: Disable the preloadlist could lead to security risk. I would recommend moving away from .dev when possible.

9 thoughts to “Firefox Allow Self Signed Certificate”

  1. Disabling the preload list is a bad idea security-wise.

    Google owns the .dev Top Level Domain and will open it up to the general public three days from now: https://www.registry.google/announcements/launch-details-for-dev/#!/

    Please stop using .dev for testing and instead of one of the reserved domains: .test, .localhost, .example. (see https://tools.ietf.org/html/rfc6761 for assumptions that can or cannot be made.)
    And deffinetely stop advising people to just disable the HTST preloadlist without adding any kind of disclaimer.

  2. Regretfully this trick didn’t work for me. I don’t get the option to accept the risk. But I’m on FF 67.0.1. So maybe its a FF version thing.

  3. I done as per your setting but every time when i open mozila and enter my domain it will asking for advance>>add exception.

  4. Didn’t work for me. It keeps coming back with the same error page. I wonder why they ask me whether to accept the risk and then when I say ‘yes’, they still block. Makes no sense. Why ask?

    The FF people treat you like a toddler.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.