So it’s a combination of two issues. The first is that the certificate’s chain can’t be parsed using: SecPolicyCreateBasicX509 (every other browser seems to not care [they ignore this policy and only use SecPolicyCreateSSL ]).The second is that it loads http:// content and not only https:// content.
2 Likes