The certificate import error occurred. I tried multiple browsers but it didn't work.

[deyen2090]

I followed the steps in the tutorial completely, but an error message appeared when importing the certificate. Tip: My certificate password is not entered incorrectly

================ Information about my computer： fedora40

lxc version Client version: 6.1 Server version: 6.1

lxd version：6.1

[mas-who]

Hi @deyen2090 thank you for reporting this issue. Would you be able to share which browser you are using?

Edit: I missed that you tried multiple browsers in the issue title. I think this may be related to the OS you are using, will investigate.

[deyen2090]

Hi @deyen2090 thank you for reporting this issue. Would you be able to share which browser you are using?

Edit: I missed that you tried multiple browsers in the issue title. I think this may be related to the OS you are using, will investigate.

firefox. Even if I use Google Chrome, it still prompts "Unknown error".

[edlerd]

Thank you for the report.

How did you create the client certificate you are trying to import into Firefox?

I tested with a live ISO of Fedora 40. In Firefox, I opened a remote lxd-ui, then generated a certificate with a password in lxd-ui. Then I downloaded the .pfx file and imported it successfully into Firefox. I used a password "abc" to protect the cert. Currently, I can't reproduce the issue. Did you maybe create the client certificate outside lxd-ui?

[deyen2090]

Thank you for the report.

How did you create the client certificate you are trying to import into Firefox?

I tested with a live ISO of Fedora 40. In Firefox, I opened a remote lxd-ui, then generated a certificate with a password in lxd-ui. Then I downloaded the .pfx file and imported it successfully into Firefox. I used a password "abc" to protect the cert. Currently, I can't reproduce the issue. Did you maybe create the client certificate outside lxd-ui?

Thank you for your reply. Let me explain my operation steps in detail: My computer situation: I have 2 computers. Computer A's system is fedora40, and computer B's system is fedora36. Both computers have lxd installed, and port 8443 is enabled. Computer A's IP address is 192.168.1.1, and computer B's IP address is 192.168.1.2. I visited https://192.168.1.2:8443 on computer A and entered the lxd-ui interface. Then I clicked the button "create new certificate", then clicked the "Generate" button, did not enter the password, and clicked skip. Then clicked to download the crt file (file name: lxd-ui-192.168.1.1.crt) and pfx file (file name: lxd-ui-192.168.1.1.pfx). Then, I directly imported my certificate file (file name: lxd-ui-192.168.1.1.pfx) in the current firefox file through the "about:preferences#privacy" command, and then the browser prompted an error. I know that the crt file needs to be imported on computer B using the command "lxc config trust add ./lxd-ui.crt", not computer A.

[edlerd]

Thanks for the detailed explanation. I tried to reproduce your case with a Fedora 40 live CD and was able to import the generated certificate.

Which version of LXD are you using? I remember in some older Version the cert generated would not work for Firefox, only for other browsers. Maybe that is the problem here. With the latest 5.21 LTS or 6.1 the certificates should work on all Browsers.

[edlerd]

Also this wiki article might help, though your case sounds more special than what is mentioned there.

[edlerd]

Closing as there is no current way to reproduce it.