The requirement of the CN being in the SAN is a browser thing, not a server issue. It’s also going to be a CA requirement going forward if you buy certs from external CAs.
-Ryan On May 27, 2015, at 7:29 AM, Matthew Loraditch <[email protected]<mailto:[email protected]>> wrote: That makes sense, but I know I’ve done this before w/o issue, albeit I may not have been at precisely the version this server was at in this scenario (single server 10.5.2SU1). Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA Network Engineer Direct Voice: 443.541.1518 Facebook<https://www.facebook.com/heliontech?ref=hl> | Twitter<https://twitter.com/HelionTech> | LinkedIn<https://www.linkedin.com/company/helion-technologies?trk=top_nav_home> | G+<https://plus.google.com/+Heliontechnologies/posts> From: Andrew Grech [mailto:[email protected]] Sent: Wednesday, May 27, 2015 6:18 AM To: Matthew Loraditch Cc: Ryan Ratliff (rratliff); cisco-voip voyp list Subject: Re: [cisco-voip] Very Strange SSL Issue... When issuing certs with SANS the CN needs to included as a SAN. FYI On Wed, May 27, 2015 at 6:57 AM, Matthew Loraditch <[email protected]<mailto:[email protected]>> wrote: The only SAN was the root of the domain name.. but I removed that and now it works. Oddest thing I’ve seen in a while.. Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA Network Engineer Direct Voice: 443.541.1518 Facebook<https://www.facebook.com/heliontech?ref=hl> | Twitter<https://twitter.com/HelionTech> | LinkedIn<https://www.linkedin.com/company/helion-technologies?trk=top_nav_home> | G+<https://plus.google.com/+Heliontechnologies/posts> From: Ryan Ratliff (rratliff) [mailto:[email protected]<mailto:[email protected]>] Sent: Thursday, May 21, 2015 2:41 PM To: Matthew Loraditch Cc: cisco-voip voyp list Subject: Re: [cisco-voip] Very Strange SSL Issue... Check and see if the CN is also a SAN. I’ve seen recent browsers that ignore CN if any SAN is present. -Ryan On May 20, 2015, at 1:31 PM, Matthew Loraditch <[email protected]<mailto:[email protected]>> wrote: Has anyone ever seen where you put a cert on CUCM/CUCXN/IM&P and the Subject name matches but your browser insists it doesn’t? I can’t figure this out. I checked as best I could for spaces like mentioned in Lelio’s recent thread about a CSR and I have no indication of that. I honestly don’t have a clue where to go, it’s not really a server issue as the server is just presenting the cert I installed, but I have it on both UCxn and CCM/IM&P. I can’t believe I put an errant space on both servers… Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA Network Engineer Direct Voice: 443.541.1518 Facebook<https://www.facebook.com/heliontech?ref=hl> | Twitter<https://twitter.com/HelionTech> | LinkedIn<https://www.linkedin.com/company/helion-technologies?trk=top_nav_home> | G+<https://plus.google.com/+Heliontechnologies/posts> _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
