4

While trying to configure a valid SSL certificate for localhost on Ubuntu, I got the following error:

certutil -d sql:$HOME/.pki/nssdb -A -t "CT,c,c" -n "localhost" -i localhost.crt

certutil: could not add certificate to token or database: SEC_ERROR_ADDING_CERT: Error adding certificate to database.

This certificate will be used in Nginx configuration, my goal is to avoid any errors in Google Chrome (ERR_SSL_PROTOCOL_ERROR) as the certificate authority is untrusted.

Improve this question

2 Answers 2

Reset to default
6

This error occurred because the certificate was already registered using certutil previously.

Solution

  1. Delete the existing record

    certutil -n localhost -D localhost.crt

  2. Then, create a new record

    certutil -d sql:$HOME/.pki/nssdb -A -t "CT,c,c" -n "localhost" -i localhost.crt

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

For what its worth if anyone is suddenly getting this when trying to import a Let's Encrypt certificate you now need to point to the "fullchain.pem" file instead of the "chain.pem" file.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.