Post

Replies

Boosts

Views

Activity

Reply to Testing upcoming Safari cert validity changes
I am chiming in on a old post. We have issues with internal CA signed certificates being restricted by this time limit, Root CA and issuing CA certificates have been imported manually to Catalina keychain but certificates signed with those are rejected if their validity period exceeds 825 days. Safari refuses completely to connect to internal systems with such certificates, Google Chrome complains about certificate being invalid but lets use user to bypass error. Internal root CAs are in System keychain, and Trust is set to Always trust for all functions. I am at loss what is wrong here.
Oct ’20