Forum Discussion

KristofMattei's avatar
KristofMattei
Copper Contributor
Mar 05, 2020

[Bug] Microsoft Edge on Mac OS X reports certificate as ERR_CERT_REVOKED

 

  • The certificate is still valid.
  • The certificate's root is NOT installed on the system.
  • The URL looks like: https://****.home.lan:8443

While it shouldn't be trusted, it shouldn't be reported as revoked I believe, and still allow me to continue to the website.

4 Replies

  • KristofMattei Thanks for sharing this, and welcome to the MS Edge Insiders community. For some initial troubleshooting; does this also happen on other Chromium-based browsers, and/or other channels in Microsoft Edge? And if it doesn't happen in other places, can you please submit detailed feedback and diagnostics through the browser?

     

    Fawkes (they/them)
    Project & Community Manager - Microsoft Edge

    • KristofMattei's avatar
      KristofMattei
      Copper Contributor

      Deleted So couple of things:

      1) Weirdly enough this did not happen in Safari (when I opened this thread). It does now, why, I don't know..., maybe I accepted it even before)

      2) The error still stands, but I managed to trace it down. 

       

      The issue is that the certificate was valid for longer than 825 days. Since this is all in my local network I did 10 years and Mac OS X does not like that. 

       

      Now, I don't know whether Edge/Chrome go THROUGH the same engine, or whether they have a different engine with the same rules, but at the moment I am error free and I will need to renew the certificate in 824 days! 

       

      Feature request: is there a certificate validator somewhere for local certificates? Like something that goes over it line by line and says what's wrong? The error that I got was really non-descriptive, in fact, it was even wrong.

       

      Thanks for checking in. 

      • Deleted's avatar
        Deleted

        KristofMattei Glad to hear it worked out! And yes, we'll make a note of this.

         

        Fawkes (they/them)
        Project & Community Manager - Microsoft Edge

  • Hi,
    is your CA an offline one?
    if it it isn't an offline one, you need to install the root certificate. also provide a way like OCSP for programs to get the CRL.
    the certificate's date doesn't mean anything. because the CA can revoke it at any time. I'm sure you know this

Resources