sudo apt-get install libnss3-tools curl
Firefox will let you directly install a .cer file from some sites (e.g. the nvidia site below). It will also let you download/save a .cer file. Chrome will let you save the .cer file.
You can also export a .pem file from firefox certificate manager. (Use the .pem file in place of the .cer file below (e.g. for the -i option).)
You can also get one from a certificate authority host with
curl -k -o "cacert-root.crt" "http://www.cacert.org/certs/root.crt"or try
echo "QUIT" | openssl s_client -connect hostname.com:port 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > file.cerwhere hostname.com is the place and port is the port (usually 443).
Firefox just lets you install directly.
For Chrome use:
certutil -d sql:$HOME/.pki/nssdb -A -t "TC" -n "CAcert.org" -i cacert-root.crt certutil -d sql:$HOME/.pki/nssdb -A -t "TC" -n "nvidia.com" -i certnew.cer-i option is .cer file
List all:
certutil -d sql:$HOME/.pki/nssdb -L
Show details of "nvidia.com" certificate:
certutil -d sql:$HOME/.pki/nssdb -L -n nvidia.com
Delete "nvidia.com" certificate:
certutil -d sql:$HOME/.pki/nssdb -D -n nvidia.com