This Site / Other Alec Muffett Test Onions
If you want to install the certificate for this site’s onion address FOR THE PURPOSES OF TESTING, the certificate may be downloaded from this page – I strongly recommend disabling or removing the certificate after testing is completed, for security reasons.
Installation part 1
- open about:config
- click “I accept the risk!”
- search for “security.nocertdb” in the box provided
- if the “value” field says “default”/”true”, then:
- double-click on it to make it “modified”/”false”
- if the “value” field says “default”/”true”, then:
- search for “browser.privatebrowsing.autostart” in the box provided
- if the “value” field says “default”/”true”, then:
- double-click on it to make it “modified”/”false”
- if the “value” field says “default”/”true”, then:
- search for “security.ssl.enable_ocsp_stapling” in the box provided
- if the “value” field says “default”/”true”, then:
- double-click on it to make it “modified”/”false”
- if the “value” field says “default”/”true”, then:
- dismiss the about:config tab
- IMPORTANT: NOW RESTART TOR BROWSER
Installation part 2
- open Menu > TorBrowser > Preferences > Privacy & Security
- scroll down to Security > Certificates
- uncheck Query OCSP responder servers to confirm the current validity of certificates
- click “View Certificates”
- select “Authorities” tab
- click “Import”, select your “rootCA.pem” file, click “Open”
- Popup: ensure that “Trust this CA to identify websites” is ticked/enabled
- click “Ok”
- check that “mkcert development CA” now appears in the list of authorities
- navigate to the target URL
Uninstalling
- When you are eventually finished with your certificate
- Uninstall/remove the certificate, using the same dialogues
- Reverse the about:config changes which you performed above
- IMPORTANT: RESTART TOR BROWSER
Leave a Reply