I have a local domain (markfisher.local) for which I have made a self-signed certificate, which I have added to the Certificates in Keychain Access (I am using Mac). This results in the certificate being trusted in Chrome and Safari. If I edit the certificates Trust in KeyChain Access to "Never Trust" then Chrome and Safari no longer accept it, then if I change it back to "Always Trust" then I can access markfisher.local OK again.
But when accessing the site in Firefox I get the following:
markfisher.local uses an invalid security certificate. The certificate does not come from a trusted source. Error code: MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY
I have set security.enterprise_roots.enabled to true as suggested in this answer. Also, going to Preferences > Privacy & Security > View Certificates, I can see my certificate is in the Authorities tab and I have checked the "This certificate can identify websites" in the "Edit Trust" dialog. This was not checked originally
However Firefox refuses to accept the certificate. How can I fix this?