Issues when running with -quic_only flag enabled

[GaetanoCarlucci]

I am having trouble experimenting with goquic.

Basically, I have deployed the goquic server in a Docker container and I am running it with -d and --net=host flags.

The server is listening on localhost.
I have created the certificate according to this guide

If I run the server without the -quic_onlyflag, everything works fine and the web page is transferred over HTTP2. However, if I enable the -quic_onlyflag the QUIC server seems unreachable from Chrome.

I have tried the go client and everything works fine.

There seems to be some issue when interacting with Chrome.

[MisssRain]

I tried goquic with the CAgenerator you provide at https://github.com/GaetanoCarlucci/CertificateGenerator
and the 2048-sha256-root.pem has been added into the system CAs and modify it to be trusted by all the users.
I run goquic this way

./server -cert=/PATH/leaf_cert.pem -key=/PATH/leaf_cert.key -quic_only

and run chrome this way

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome
--user-data-dir=/tmp/chrome
--no-proxy-server
--enable-quic
--host-resolver-rules='MAP www.example.org:443 0.0.0.0:8080'
https://www.example.org

and I could not open the site with ERR_QUIC_PROTOCOL_ERROR
and the server shows

Server: Received ConnectionClose for connection: 4729024066337921568, with error: QUIC_PROOF_INVALID (Proof invalid: Failed to verify certificate chain: net::ERR_CERT_COMMON_NAME_INVALID)

when I run server without -quic_only
I could open the site but it is not secure with

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).

and when I click view certificate, it is the CA I add and trust.

I don't know whether there is something changed... and help...