Apple - Catalina Trusted Root CA certificates are revoked - Chrome

I just figured out that macOS Catalina has a limitation on a certificate validity dates (and some other things), a certificate can't have a validity period more than 825 days and my certificate was valid for about 5 years.

So I regenerate my certificate and replace the old one with a certificate that has a smaller validity period and everything is working fine now!

According to apple's support page, a TLS certificate should meet this requirement:

The key size must be at least 2048 bits.
Hash algorithm must be SHA-2 or newer.
DNS names must be in a SubjectAltName, not in the CN field only.

and if certificates are issued after July 1, 2019:

The ExtendedKeyUsage extension must be present, with the id-kp-ServerAuth OID.
The validity period should be less than 825 days.

Apple - Catalina Trusted Root CA certificates are revoked - Chrome

Tags:

Ssl

Google Chrome

Keychain

Catalina

Related

Recent Posts