ASP.NET Core developer certificate is not trusted

I’m constructing a dotnet web application using aspnetcore and running into the following error when starting it up.

10:52:08 WRN] The ASP.NET Core developer certificate is not trusted. For information about trusting the ASP.NET Core developer certificate, see [](

Unfortunately, the instructions outlined in section “Trust HTTPS certificate on Linux using Edge or Chrome” do not cover NixOS, so I’ve attempted to adapt them, but I’m not having much success.

  1. Install nss tools. Done.
  2. Create or verify the $HOME/.pki/nssdb folder exists on the machine.
$ ll $HOME/.pki/nssdb
total 68
-rw------- 1 jdaly users 28672 May  4 10:44 cert9.db
-rw------- 1 jdaly users 36864 May  4 10:44 key4.db
-rw------- 1 jdaly users   446 May  1 16:44 pkcs11.txt

Looks to contain ‘cert’-like stuff.

  1. Export the certificate with the following command:
dotnet dev-certs https
sudo -E dotnet dev-certs https -ep /usr/local/share/ca-certificates/aspnet/https.crt --format PEM

What’s the proper NixOS export path?

  1. Run the following commands:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n localhost -i /usr/local/share/ca-certificates/aspnet/https.crt
certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n localhost -i /usr/local/share/ca-certificates/aspnet/https.crt

Again, what’s the proper NixOS path?

    • Exit and restart the browser.

Any help and/or the appropriate nixos-way to setup this cert up would be much appreciated. Thx.

Use the security.pki.certificates or security.pki.certificateFiles option.

Hmmm, while I appreciate the tip/suggestion – I really have no idea what or how to employ this setting. Searching around the web and this forum I can see that many others have had similar questions and problems.

Any chance for us novices that someone can spell out the steps and/or point to the documentation that clearly describes this feature?