There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Having difficulty visiting an mTLS-authenticated website from GrapheneOS

I host a website that uses mTLS for authentication. I created a client cert and installed it in Firefox on Linux, and when I visit the site for the first time, Firefox asks me to choose my cert and then I’m able to visit the site (and every subsequent visit to the site is successful without having to select the cert each time). This is all good.

But when I install that client cert into GrapheneOS (settings -> encryption & credentials -> install a certificate -> vpn & app user certificate), no browser app seems to recognize that it exists at all. Visiting the website from Vanadium, Fennec, or Mull browsers all return “ERR_BAD_SSL_CLIENT_AUTH_CERT” errors.

Does anyone have experience successfully using an mTLS cert in GrapheneOS?

Evkob ,
@Evkob@lemmy.ca avatar

I’m pretty sure you need to install it using “CA certificate” rather than the “VPN and app user certificate” option.

mike_wooskey OP ,
@mike_wooskey@lemmy.thewooskeys.com avatar

Thanks for the reply, @Evkob.

I tried to install my client cert in “CA Certificate” but the certificate manager app in GrapheneOS said that it was the wrong kind of cert to be used in “CA Certificate”. It is, after all, a client cert, not a CA cert.

:(

Evkob ,
@Evkob@lemmy.ca avatar

After some searching, maybe following the instructions on this blog post would work?

I’m by no means an expert though, so take my suggestions with a grain of salt.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •