I am chiming in on a old post. We have issues with internal CA signed certificates being restricted by this time limit, Root CA and issuing CA certificates have been imported manually to Catalina keychain but certificates signed with those are rejected if their validity period exceeds 825 days. Safari refuses completely to connect to internal systems with such certificates, Google Chrome complains about certificate being invalid but lets use user to bypass error.
Internal root CAs are in System keychain, and Trust is set to Always trust for all functions. I am at loss what is wrong here.
Post
Replies
Boosts
Views
Activity
Hi Matt,
One of failing certificates was created in August 2019, one of them has been created in March 2020. I will look into TSI, thanks for heads up on that.
I don't know the exact process of submitting a TSI, but I managed to submit a issue through Feedback assistant. ID for that is FB8877676, tested on BigSur Beta and Catalina.