How do I remove the TinyPilot CA certificate?

Note: These instructions apply only to TinyPilot Pro.

The TinyPilot CA certificate establishes trust between your browser and your TinyPilot device. The private key for the TinyPilot CA certificate is stored on the device at /etc/ssl/private/tinypilot-ca.key.

If your device's CA private key is ever compromised, you should uninstall the TinyPilot CA certificate from any machine where you installed it as a trusted certificate.

Remove the TinyPilot CA certificate

To remove the TinyPilot CA certificate, follow the instructions below your operating system:


  1. Open the Start Menu.
  2. Type certmgr.
  3. Click "Manage computer certificates."
  4. Open "Trusted Root Certification Authorities > Certificates" in the left panel.
  5. Find "tinypilot-ca" in the right panel. Screenshot of certificate manager showing Trusted Root Certification Authorities > Certificates in the left panel and tinypilot-ca selected in the right panel
  6. Right-click "tinypilot-ca" and select "Delete."
  7. Click "Yes" to confirm the deletion.

Debian / Ubuntu

  1. From the terminal type, sudo dpkg-reconfigure ca-certificates.
  2. When prompted "Trust new certificates from certificate authorities?" select "no."
  3. Scroll to extra/tinypilot-ca.crt and press the Space key to deselect it.

    • The certificate may alternatively have the name ca.crt.
  4. Press the Tab key to select Ok and hit Enter.
  5. Purge the certificate with sudo rm /usr/share/ca-certificates/extra/tinypilot-ca.crt.


  1. From Finder, open "Applications" > "Utilities" > "Keychain Access."
  2. Select the "System" keychain.
  3. Find "tinypilot-ca" in the right panel.
  4. Right-click the "tinypilot-ca" entry and select "Delete."
  5. Click "Delete" to confirm the deletion.

Reinstalling the TinyPilot CA

To reinstall the TinyPilot CA, see "How do I fix browser privacy errors?"