Is is possible to disable Certificate Transparency (audit log checking) of certificates in Chrome?
Solution 1:
Assuming that the example you're pointing to is actually the one about "The site is using outdated security settings", and not "does not have public audit records", about 99.99% sure that your problem isn't CT, for several reasons:
- It is my understanding that only CA certificates in the system trust store are subject to CT validation; locally-managed CA certificates don't require CT treatment (for pretty much exactly the reason you've got).
- Failing CT validation only matters for EV certificates at the present time, and the only negative impact is that the certificate loses the EV "green bar" treatment.
The error about "using outdated security settings" actually means that your MitM proxy is issuing SHA-1-based certificates with expiry dates in the far future, which probably isn't such a winning idea.