I have a safari web-page connecting to secured web socket server (written with C# netcore 3.0). I add server sertificate to trusted running this command (the same certificate I put on my websocket end point).
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certificate.crt
Everything seems valid (I have a blue cross near my certificate in Keys application) but when I connect from safari (catalina os, mojave os) I get an error
OSStatus Error -9807. Invalid certificate chain
Also when I import certificate manually via Keys Application GUI there is no error. Everything works.
- Can anyone explain is there any difference between "security add-trusted-cert" import and GUI manual import?
- Maybe my add-trusted-cert command is wrong and I need some additional params?
This syntax works perfectly for me on MacOS Catalina, however, it must be run with elevated privileges (sudo or whatever).