SEC_ERROR_ADDING_CERT: Error adding certificate to database

Question

While trying to configure a valid SSL certificate for localhost on Ubuntu, I got the following error:

certutil -d sql:$HOME/.pki/nssdb -A -t "CT,c,c" -n "localhost" -i localhost.crt

certutil: could not add certificate to token or database: SEC_ERROR_ADDING_CERT: Error adding certificate to database.

This certificate will be used in Nginx configuration, my goal is to avoid any errors in Google Chrome (ERR_SSL_PROTOCOL_ERROR) as the certificate authority is untrusted.

score 3 · Accepted Answer · answered Jul 30 '20 at 17:54

This error occurred because the certificate was already registered using certutil previously.

Solution

Delete the existing record

certutil -n localhost -D localhost.crt
Then, create a new record

certutil -d sql:$HOME/.pki/nssdb -A -t "CT,c,c" -n "localhost" -i localhost.crt

score 0 · Answer 2 · answered Jul 22 '21 at 20:09

0

For what its worth if anyone is suddenly getting this when trying to import a Let's Encrypt certificate you now need to point to the "fullchain.pem" file instead of the "chain.pem" file.

answered Jul 22 '21 at 20:09

Adambean

1,096
1
9
18

SEC_ERROR_ADDING_CERT: Error adding certificate to database

2 Answers2