Since my new MacOS Catalina setup I bumped into multiple Trellis issues. Issues with loading the proper interpretor as well as loading the proper Ansible version for the setup. Final issue I had now was dealing with failed SSL certificates and to be more specific NET::ERR_CERT_REVOKED .
NET::ERR_CERT_REVOKED
So how to deal with this NET::ERR_CERT_REVOKED error? Let’s first look at the error in more detail. We have the following:
Your connection is not private
Attackers might be trying to steal your information from domain.test (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_REVOKED
Subject: domain.test
Issuer: domain.test
Expires on: Nov 14, 2029
Current date: Nov 17, 2019
PEM encoded chain:-----BEGIN CERTIFICATE-----
MIIC7TCCAdWgAwIBAgIUYZ8d88npaf4YadiK/tt5dmovK5MwDQYJKoZIhvcNAQEL
BQAwGDEWMBQGA1UEAwwNYnJpY2ttYWcudGVzdDAeFw0xOTExMTcwNzU2NTBaFw0y
OTExMTQwNzU2NTBaMBgxFjAUBgNVBAMMDWJyaWNrbWFnLnRlc3QwggEiMA0GCSqG
------------------
LI3sU31VNnyMaq31seU+FdZjBO7LS0n4u1Rv5FKhsGC6goozx0LhVsHG659HJbMn
i0Yd3C1rl+DJClQS9LVCNzkXVrvJtwLI8LLraUmLJYWTC5cfGuL7C/J0dzqj48uG
6Vzouywoceuy5aVXvgV3cxOi9vkC2e8idkd28JvHEQ4s
-----END CERTIFICATE-----
So somehow the certificate is being revoked . This either has to do with Catalina or Chrome being stricter on local self signed certificates with locally generated authorities. So what to do about this?
Trellis Cert Trust Vagrant Plugin
Well after some Googling I bumped into this Github thread on the same SSL certificate issue. And I found out that there is a Vagrant plugin that can deal with the browser no longer accepting locally set certificates as it did before. Simply install it and run it inside the trellis directory:
vagrant plugin install vagrant-trellis-certvagrant trellis-cert trust
And yes, now you can run the site again with the generated SSL certificate and now you are no longer blocked by the browser!