The CSE department websites give me an error when I open them using HTTPS

Our department has a self-signed CA certificate. Most (if not all) of our services have certificates signed using this CA certificate.

Importing it as a trusted certificate should be enough. Firefox and Google Chrome on Linux use their own internal stores, and not the system-wide stores.

First, download the certificate: http://www.cse.iitb.ac.in/cse-cacert.crt [¹]

To import in Google Chrome:

  1. Go to the Settings, and search for certificate. Click on Manage certificates:
    Screenshot from 2014-09-09 19:45:56
  2. Go to the Authorities tab, and click on Import:
    Screenshot from 2014-09-09 19:46:05
  3. Navigate to the file you downloaded previously and select it. It will ask you which trust options should be enabled. Check at least the first option (identifying websites):
    Screenshot from 2014-09-09 19:46:21

You're done! Now CSE HTTPS websites should be in green:
Screenshot from 2014-09-09 20:02:49

To import in Firefox:

Simply open the link in Firefox. It will detect it as a certificate and show you a dialog box similar to the one in step (3) above. Again, trust us for identifying websites. (Promise, we won't do anything nasty!)

To import in Ubuntu (for command line tools):

wget --no-proxy http://www.cse.iitb.ac.in/cse-cacert.crt
sudo mkdir -p /usr/local/share/ca-certificates
sudo cp cse-cacert.crt /usr/local/share/ca-certificates
sudo update-ca-certificates

¹ The more discerning amongst you may note that the link is not HTTPS, and is thus vulnerable. A more secure way would be to scp the certificate from the mars.cse.iitb.ac.in (or any of the NSL/OSL lab systems):

scp mars.cse.iitb.ac.in:/usr/share/cse/cse-cacert.crt .

The HTTPS version of the link will work, but then you have the untrusted certificate error - so how can you trust it?