1

I'm running on MacOS Ventura 13.1, Chrome version 109. I remember I downloaded the relevant certificates months ago and it used to work fine, but - and I'm not sure it was after I upgraded the OS, I think it was (or if these events are even related) - Chrome started complaining again about the certificates. I tried exporting them all again and adding them to Keychain, but this does absolutely nothing. I don't know what else I can do. Here's a picture to show this paradox:

enter image description here

All these are marked Always Trust for all users and yet Chrome doesn't seem to be aware of this. Any ideas on how to solve this issue?

Improve this question
3
  • The image shows ERR_CERT_COMMON_NAME_INVALID and Subject Alternative Name missing when you attempt to access qmf.bb.com.br. Is that the actual problem?
    – garethTheRed
    Commented Jan 29, 2023 at 20:50
  • 1
    Trusted Certificate != Valid Certificate; The domain qmf.bb.com.br doesn’t match the common name of the certificate thus the certificate error. “Any ideas on how to solve this issue?” - Create a certificate where the common name is valid, the connection is secure, entirely up to you if it’s worth the extra work.
    – Ramhound
    Commented Jan 29, 2023 at 20:51
  • 1
    Based on the parameters of the certificate I see absolutely no way to avoid the error you are receiving, I am shocked, it didn’t always throw the very error when you visited qmf.bb.com.br unless you changed an unidentified something
    – Ramhound
    Commented Jan 29, 2023 at 20:57

1 Answer 1

Reset to default
3

If a self-signed certificate (as in this case) is imported as trusted it is still only valid for the domains explicitly mentioned in the certificates Subject Alternative Names section (some browsers check the Common Name too). The reported error NET::ERROR_CERT_COMMON_NAME_INVALID happens if the domain name from the URL (qmf.com.bb.br) does not match any domain name the certificate is valid for.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .