iLO 4 and macOS Catalina ERR_CERT_INVALID Fix

Earlier this month Apple released macOS Catalina with many new features and updates. Along with this release came an error that we at noticed when trying to access our HP iLO 4 servers using macOS Catalina and Google Chrome. While trying to access the servers, the error of ERR_CERT_INVALID was received but unlike usual, Chrome did not allow for the option to proceed anyways.

What could be causing the error?

In the new Catalina release, Apple changed the TLS requirements bringing with it possible reasons why the iLO certificate is no longer approved. Firstly, the iLO certificate is 1024 bits and as per the new requirements key sizes smaller than 2048 bits are no longer trusted. Another possible reason comes from the iLO certificate’s 25 year validity period while in the new requirements, TLS server certificates must have a validity period of 825 days or fewer. One interesting thing to note is that while Safari gives the warning, the ability to proceed anyways is given while this is not the case in Chrome.

How To Fix iLO 4 and macOS Catalina ERR_CERT_INVALID Error

  1. Open Safari

  2. Go to server URL

  3. Click Show Details then Visit This Website

  4. In your computer’s Keychain Access, click on Certificates

  5. Click on the iLO server from the list

  6. Under Trust, change “When using this certificate” to Always Trust

  7. In Chrome go to server URL

  8. Click on Advanced then Proceed

 An alternate solution, though not as secure, is launching Chrome to ignore invalid Certificates. To do this ensure Chrome is completely closed, and run this command from the Terminal of your computer:

/Applications/Google\\ Chrome –ignore-certificate-errors &> /dev/null & allows you to manage and monitor your network and servers from anywhere with a phone, tablet or browser. AD, Windows, Exchange, Office365, VMware, Hyper-V SSH, Telnet, RDP, VNC and more!

Download today and try it for free for 14 days!