Catalina Trusted Root CA certificates are revoked - Chrome
I just figured out that macOS Catalina has a limitation on a certificate validity dates (and some other things), a certificate can't have a validity period more than 825 days and my certificate was valid for about 5 years.
So I regenerate my certificate and replace the old one with a certificate that has a smaller validity period and everything is working fine now!
According to apple's support page, a TLS certificate should meet this requirement:
- The key size must be at least 2048 bits.
- Hash algorithm must be SHA-2 or newer.
- DNS names must be in a SubjectAltName, not in the CN field only.
and if certificates are issued after July 1, 2019:
- The ExtendedKeyUsage extension must be present, with the id-kp-ServerAuth OID.
- The validity period should be less than 825 days.