Jump to content
The Uniform Server Community
mwil2006

OpenSSL Cert with SAN for Chrome

Recommended Posts

Hi,

 

I have Uniform running on a Windows 10 platform and all is working except when I use Chrome.

 

Using IE or Edge to browsing to my local server using a DNS name "https://mysite.co.uk" (example) works fine.

Chrome however posts the following response:

Your connection is not private

Attackers might be trying to steal your information from mysite.co.uk (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID

 

I have learnt that since Chrome 58 the browser is not using the Common Name part of the certificate, it uses the Subject Alternate Names (SAN) to verify the address.

 

https://bugs.chromium.org/p/chromium/issues/detail?id=700595 - Chrome no longer accepts certificates that fallback to common name(ERR_CERT_COMMON_NAME_INVALID)
Chromium removed support for matching common name in certificates in M58:
* Issue 308330
* https://www.chromestatus.com/features/4981025180483584

 

QUESTION

 

Is there a simple way of reconfiguring the openssl files supplied so that a SAN is added to the certificate when I use the GUI: "Apache->Apache SSL->Server Certificate and Key Generation"? Alternatively can you advise how using the command line/config files I can achieve the same outcome of a SAN?

 

Many thanks :-)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...