How do I fix browser privacy errors?

Note: These instructions apply only to TinyPilot Pro.

When you first visit TinyPilot over HTTPS, you'll see a privacy error like this:

TinyPilot privacy error

This error is expected because TinyPilot secures the HTTPS connection using a key that your system doesn't know about yet.

You can ignore the privacy error, but the better fix is to prevent it in the first place.

The fix

In order for your browser to trust the TinyPilot HTTPS connection, you need to download the TinyPilot device's root certificate and install it on your system. This certificate is secure, as the certificate is unique to your device.

To accept the certificate, follow the instructions below for your operating system:

Windows

  1. Download your device's unique root certificate from http://tinypilot/ca.crt.
    • The above URL is for the TinyPilot device on your local network.
    • If you access your TinyPilot through a different URL, add /ca.crt  to the end of your device's URL.
  2. Double-click the downloaded ca.crt  file.
  3. When you see the Security Warning, click "Open."

  4. Click "Install Certificate..." 

    Screenshot of Windows dialog showing Install Certificate button

  5. When prompted for a store location, choose "Local Machine." 

    Screenshot of Certificate Import Wizard showing Store Location as Local Machine

  6. Choose "Place all certificates in the following store."

  7. Click "Browse..." and then click "Trusted Root Certification Authorities." 

    Screenshot of Certificate Import Wizard showing 'Place all certificates in the following store: Trusted Root Certification Authorities'

  8. Click Next.
  9. Click Finish.

Debian / Ubuntu

Run the following commands from the terminal:

wget \
    http://tinypilot/ca.crt \
    -O tinypilot-ca.crt && \
  sudo mkdir -p /usr/share/ca-certificates/extra && \
  sudo cp tinypilot-ca.crt /usr/share/ca-certificates/extra/ && \
  sudo dpkg-reconfigure ca-certificates

The last command will display a console UI:

  1. When prompted "Trust new certificates from certificate authorities?" select "no."
  2. Scroll to extra/tinypilot-ca.crt  and press the Space key to select it.
  3. Press the Tab key to select Ok.
  4. Press the Enter key to complete installation.

macOS

  1. Download your device's unique root certificate from http://tinypilot/ca.crt.
    • The above URL is for the TinyPilot device on your local network.
    • If you access your TinyPilot through a different URL, add /ca.crt  to the end of your device's URL.
  2. Open the "Keychain Access" app and select the "System" keychain.
  3. In the "File" menu, click "Import items..." to add the downloaded ca.crt  file.
  4. Right-click the newly added "tinypilot-ca" entry and select "Get Info."
  5. In the "Trust" section of the dialog, choose "Always Trust" for "Secure Sockets Layer (SSL)."

Remove TinyPilot CA certificate

If your TinyPilot device's CA private key is ever compromised, you should uninstall the TinyPilot CA certificate from any machine where you added it as a trusted certificate.

Troubleshooting

Firefox doesn't use the new certificate

Firefox has a separate certificate store and, depending on your settings, may not use the newly installed TinyPilot CA certificate.

You can add the TinyPilot CA certificate to Firefox as follows:

  1. Open the Firefox settings page.
  2. Navigate to "Privacy & Security."
  3. Scroll down to the "Certificates" section.
  4. Press "View Certificates."
  5. Press the "Import..." button.
  6. Select the TinyPilot CA certificate and press "OK."
  7. Press on "OK" again.
  8. Close the Firefox settings page.

Still need help? Contact Us Contact Us