OpenSSL Cert with SAN for Chrome

[mwil2006]

Hi,

 

I have Uniform running on a Windows 10 platform and all is working except when I use Chrome.

 

Using IE or Edge to browsing to my local server using a DNS name "https://mysite.co.uk" (example) works fine.

Chrome however posts the following response:

Your connection is not private

Attackers might be trying to steal your information from mysite.co.uk (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID

 

I have learnt that since Chrome 58 the browser is not using the Common Name part of the certificate, it uses the Subject Alternate Names (SAN) to verify the address.

 

https://bugs.chromium.org/p/chromium/issues/detail?id=700595 - Chrome no longer accepts certificates that fallback to common name(ERR_CERT_COMMON_NAME_INVALID)

Chromium removed support for matching common name in certificates in M58:
* Issue 308330
* https://www.chromestatus.com/features/4981025180483584

 

QUESTION

 

Is there a simple way of reconfiguring the openssl files supplied so that a SAN is added to the certificate when I use the GUI: "Apache->Apache SSL->Server Certificate and Key Generation"? Alternatively can you advise how using the command line/config files I can achieve the same outcome of a SAN?

 

Many thanks :-)