Jump to content


OpenSSL Cert with SAN for Chrome

openssl certificates key

  • Please log in to reply
No replies to this topic

#1 mwil2006



  • Member
  • Pip
  • 1 posts
  • Main OS: Other

Posted 29 August 2017 - 05:48 AM



I have Uniform running on a Windows 10 platform and all is working except when I use Chrome.


Using IE or Edge to browsing to my local server using a DNS name "https://mysite.co.uk" (example) works fine.

Chrome however posts the following response:

Your connection is not private

Attackers might be trying to steal your information from mysite.co.uk (for example, passwords, messages, or credit cards). Learn more



I have learnt that since Chrome 58 the browser is not using the Common Name part of the certificate, it uses the Subject Alternate Names (SAN) to verify the address.


https://bugs.chromiu...etail?id=700595  -  Chrome no longer accepts certificates that fallback to common name(ERR_CERT_COMMON_NAME_INVALID)
Chromium removed support for matching common name in certificates in M58:
* Issue 308330
* https://www.chromest...981025180483584




Is there a simple way of reconfiguring the openssl files supplied so that a SAN is added to the certificate when I use the GUI: "Apache->Apache SSL->Server Certificate and Key Generation"?  Alternatively can you advise how using the command line/config files I can achieve the same outcome of a SAN?


Many thanks :-)

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users