yes
Sent from Mail for Windows 10
From: Murray, Ronald-1 (ANF)
Sent: Wednesday, April 26, 2017 1:25 PM
To: 'openssl-users@openssl.org'
Subject: [openssl-users] RFC2818 and subjectAltName
We had an issue a few days ago when people with the newest version of Chrome
were seeing security errors
If you are asking me, by all means yes. Thanks for asking, I respect the value
of honesty in world that has so very few people left.
Sent from Mail for Windows 10
From: Viktor Dukhovni
Sent: Wednesday, April 26, 2017 1:55 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] RFC2818
> On Apr 26, 2017, at 11:55 AM, Murray, Ronald-1 (ANF)
> wrote:
>
> Our certificates, of course, only contained the Common Name (CN), with no
> subjectAltName (SAN). I solved the problem by creating new certificates and
> hacking openssl.cnf to request a SAN in the
We had an issue a few days ago when people with the newest version of Chrome
were seeing security errors on our internal sites which were using SSL
certificates signed with our internal CA. This turned out to be caused by
Google adhering to RFC2818, which says:
If a subjectAltName extension of