Fix not working certificates on mac > 10.14

From macOS 10.15 onwards there are new security requirements
for TLS server certificates:

https://support.apple.com/en-us/HT210176

Now all certificates without required fields are reported as
NET::ERR_CERT_INVALID and there is no way to 'bypass' this error.

Our test expects ERR_CERT_AUTHORITY_INVALID value,
for which browsers have an visual option to bypass.

'Fix' certificate by adding new required fields:
  * Subject Alternative Name
  * Extended Key Usage

Generate a new certificate chain with two certificates, where the
server certificate has the extension config file in the form of:

[SAN]
subjectAltName=DNS:webengine.qt.io
extendedKeyUsage=serverAuth

Use 2048 bit for private key, otherwise tests fail on ubuntu.

Task-number: QTBUG-91230
Change-Id: I81d878cf3cae3e9fcc51bfbf250fba9185ca4b01
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 035579f424e5b69cee212d23fda3467f5db8d19e)

1 files changed, 2 insertions, 2 deletions

diff --git a/tests/auto/widgets/certificateerror/tst_certificateerror.cpp b/tests/auto/widgets/certificateerror/tst_certificateerror.cpp
index 0bea04155..7a55e306d 100644
--- a/tests/auto/widgets/certificateerror/tst_certificateerror.cpp
+++ b/tests/auto/widgets/certificateerror/tst_certificateerror.cpp
@@ -100,8 +100,8 @@ void tst_CertificateError::handleError()
     QVERIFY(page.error->isOverridable());
     auto chain = page.error->certificateChain();
     QCOMPARE(chain.size(), 2);
-    QCOMPARE(chain[0].serialNumber(), "3b:dd:1a:b7:2f:40:32:3b:c1:bf:37:d4:86:bd:56:c1:d0:6b:2a:43");
-    QCOMPARE(chain[1].serialNumber(), "6d:52:fb:b4:57:3b:b2:03:c8:62:7b:7e:44:45:5c:d3:08:87:74:17");
+    QCOMPARE(chain[0].serialNumber(), "15:91:08:23:37:91:ee:51:00:d7:4a:db:d7:8c:3b:31:f8:4f:f3:b3");
+    QCOMPARE(chain[1].serialNumber(), "3c:16:83:83:59:c4:2a:65:8f:7a:b2:07:10:14:4e:2d:70:9a:3e:23");
 
     if (deferError) {
         QVERIFY(page.error->deferred());