[Freeipa-users] Chrome 58 Doesn't Trust SSL Certificates Signed by FreeIPA
Prasun Gera
prasun.gera at gmail.com
Thu Apr 20 23:31:16 UTC 2017
I can confirm that I see this behaviour too. My ipa server install is a
pretty stock install with no 3rd party certificates.
On Thu, Apr 20, 2017 at 5:46 PM, Simon Williams <
simon.williams at thehelpfulcat.com> wrote:
> Yesterday, Chrome on both my Ubuntu and Windows machines updated to
> version 58.0.3029.81. It appears that this version of Chrome will not
> trust certificates based on Common Name. Looking at the Chrome
> documentation and borne out by one of the messages, from Chrome 58,
> the subjectAltName is required to identify the DNS name of the host that
> the certificate is issued for. I would be grateful if someone could point
> me in the direction of how to recreate my SSL certificates so that
> the subjectAltName is populated.
>
> Thanks in advance
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170420/416410de/attachment.htm>
More information about the Freeipa-users
mailing list