Skip to content

How do I get my browser trust my Obsidian Local REST API certificate?

Jump to bottom
Adam Coddington edited this page Jul 13, 2024 · 8 revisions

Unfortunately, the steps for this vary depending on platform and browser, but the below instructions may be helpful if your particular browser and operating system are covered below.

Windows

If you encounter issues installing certificates generated by the Local REST API plugin for Obsidian using Chrome's Certificate Import Wizard on Windows 11, the following steps have been tested and work consistently. The process is a bit more involved compared to Linux, but it ensures success.

  1. Download the Certificate: First, download the "obsidian-local-rest-api.crt" file from the Local REST API.
  2. Open the Certificate:
    • Double-click the downloaded certificate file.
    • In the "Security Warning" popup, click "Open."
  3. Install the Certificate:
    • Click "Install Certificate...".
    • Select "Current User" as the certificate store and click "Next".
    • Opt for "Place all certificates in the following store" and click "Browse...".
    • Choose "Trusted Root Certification Authorities" from the list and click "OK".
    • Proceed by clicking "Next", then "Finish".
  4. Confirm Installation:
    • Accept the "Security Warning" by clicking "Yes".
    • Close the Certificate installation window. (Important: Click the close button to avoid repeating the process.)
  5. Finalize Setup:
    • You may need to reboot your computer before this certificate will be accepted. See #174 for more information.
    • Launch Chrome and proceed with your tasks.

Managing Previous Certificates

Windows 11 may encounter issues if there are previous instances of Obsidian Local REST API certificates from the same plugin in the Windows Certificate Store. This could happen if you've been troubleshooting, resetting cryptography keys, or installing new certificates, leading to multiple entries in various certificate folders, whether under the local machine or current user stores.

To prevent future complications, it's advisable to remove any old or unnecessary certificates. The most straightforward method is through the Windows Certificate Manager (certmgr.msc), which accesses the certificate store for the current user profile. This is particularly relevant since our installation process targets the "Current User" store. Avoid using "certLM.msc," which pertains to the local machine, for this cleanup.

These steps have been effective on Windows 11, but experiences may vary. Special thanks to @Tarpon907 for pointing me in the right direction when I was stuck!

MacOS (a.k.a OS X)

  1. Download the certificate: Download the certificate from Obsidian Local REST API's settings page in Obsidian.
  2. Install the certificate
    • Using Finder, navigate to the folder to which you downloaded the certificate. Do not attempt to skip this step by using the Chrome downloads panel; you must navigate to the finder.
    • Double-click the certificate file, and add the certificate to the System Keychain (you'll need to log in with your Mac password)
    • Under Trust, set to Always Trust.

image

Now check the browser extension by right-clicking it in Chrome, and the little red shield of NO! next to your API key should have turned into a friendly green checkmark of YES! and that particular error should be gone.

Thanks owed to @JessicaSprague for writing up these instructions!

Linux

Chrome on Linux manages its own certificates. To install the certificate:

  1. Download the certificate: Download the certificate from Obsidian Local REST API's settings page in Obsidian.
  2. Install the certificate:
    • Go to chrome://settings/certificates?search=cert
    • Select the "Authorities" tab.
    • Click "Import" and select your downloaded certificate.
    • In the dialog presented, check the box for "Trust this certificate for identifying websites"
    • Press "OK"
Clone this wiki locally