It's worth mentioning that recent versions of macos since 10.15 have a restriction on certificate validity period, self-signed or not. It's a strong restriction that the browser ui will have no buttons or knobs to bypass the certificate validation, rendering such sites inaccessible. I remembered it's also a system wide enforcement that chrome on macos also respects this.
[1] Requirements for trusted certificates in iOS 13 and macOS 10.15, https://support.apple.com/en-us/HT210176 > TLS server certificates must have a validity period of 825 days or fewer (as > expressed in the NotBefore and NotAfter fields of the certificate). [2] About upcoming limits on trusted certificates, https://support.apple.com/en-us/HT211025 > TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC > must not have a validity period greater than 398 days. Regards, yousong _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
