Create self signed certificate and trust it system wide

I want to create a ca certificate and trust it system wide in order to use it for software development with
dotnet 6.

By the way what exactly the command trust extract-compat does because the manpage does not clarify.

For dotnet development it is as simple as

dotnet dev-certs https

dotnet certificate at DuckDuckGo

This command generates the certificate. I want to trust it system wide. This command generates a .pfx file in the dotnet store. But any other application like for example a console application that uses gRPC tries to communicate with the server that is written in dotnet then they cannot establish communication because this is not trusted from system. Ubuntu has update-ca but archlinux and manjaro have a command trust but although I tried I couldn’t figure out how to do it. More tutorials are about Ubuntu or are old.

I am having some similar issues - I had to ‘borrow’ my clients certficate to install on my local webservice to be able to properly debug the frontend.

I found this today Creating and trusting a self-signed certificate on Linux for use in Kestrel and ASP.NET Core. While it is indeed wrtitten for dotnet 2 6years ago - I think the general principle is still valid - and it explains why I am having a hard time with chromium based browsers - not so much firefox but chromium is not nice to me.

From the above I got the hunch to scour the Arch wiki for certificate related articles - see if I can put together a working recipe for Arch based distributions.

You may already be familiar with this - as you mention trust command

Try trust --help :wink:

extract-compat Extract trust compatibility bundles