In one of their latest updates for macOS Catalina Apple has introduced some new requirements for the acceptance of SSL certificates. The changes are documented here: https://support.apple.com/en-us/HT210176. This means that pages without a corresponding certificate are no longer accessible in Google Chrome. Unfortunately, the default vCenter Server certificate is one of the affected certificates. Unlike other certificate warnings, this error cannot be easily bypassed using Advanced options.
In the following I would like to show you how you can temporarily work around this issue.
Option 1: Starting Google Chrome with advanced parameters
Instead of starting Google Chrome normally by clicking on its icon, you can also start Chrome from the terminal. Here you have the possibility to specify additional parameters. One of the parameters ignores all certificate errors. Below you will find the command you have to enter in the terminal.
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --ignore-certificate-errors &> /dev/null &To avoid having to enter the command every time, you can also create a small Automator script for this. To do so, open Automator, create a New document with an Application and add a single Run Shell Script action. The line of code above is the content of this action.
Option 2: Using a hidden function
I have only recently learned of this second option. Unlike the first option, the certificate error is not ignored globally, but only for the individual page. Once you have loaded the desired page and the error appears, just type „thisisunsafe“ (without quotes). This will whitelist the page, reload and ignore the certificate error (Source: https://podtech.com/os/mac-osx/chrome-catalina-certificate-issue/).
Wrap-Up
For a while I thought I had to change my default browser and also move all my bookmarks. Then I found out about the first option and got into the habit of starting my Chrome Browser via the command or the corresponding Automator script. But since all certificate errors were globally ignored, I never had a particularly good feeling about it.
The second option is therefore really a blessing! I can continue to work with Google Chrome as normal and only bypass the certificate error on pages where it is really necessary.
