autoTrust not working anymore for chrome and firefox on linux

[dmail]

Looks like chrome and firefox have updated how they store certificates on Linux.

Maybe there is just a new url to put there:

https-local/src/internal/linux/chrome_linux.js

Lines 40 to 47 in ef072a1

	browserNSSDBDirectoryUrls: [
	new URL(".pki/nssdb", assertAndNormalizeDirectoryUrl(process.env.HOME)),
	new URL(
	"snap/chromium/current/.pki/nssdb",
	assertAndNormalizeDirectoryUrl(process.env.HOME),
	), // Snapcraft
	"file:///etc/pki/nssdb", // CentOS 7
	],

[dmail]

Since chrome 105, chrome uses his own certificate store on windows and Linux. Still relying on system for macos due to their policy.
For windows and Linux, until there is a programmatic solution found, trusting cert must be done manually.

[dmail]

The manual process is easy and described for instance here:
https://doc.webradiocontrol.tech/user-guide/installing-tls-certificate/chrome-linux/

But is there still a programmatic way to achieve that? That would be great

[dmail]

Others tools like https://github.com/davewasmer/devcert and https://github.com/FiloSottile/mkcert have the same issue.

See FiloSottile/mkcert#488 and davewasmer/devcert#93 for instance