On 08/08/17 13:59, George Stanchev wrote:


> Is it possible the recent changes [1] has affected it? Chrome no longer looks 
> in CN, which is ignored but rather expects SAN to be filled up. Perhaps 
> Tomcat's test certs lack SAN?
> [1] https://www.thesslstore.com/blog/security-changes-in-chrome-58/

That did affect the server cert and we fixed that a little while ago. I
don't believe it applies to user certs. The new user cert doesn't have a
SAN and it is now working correctly in Chrome.


To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to