Yesterday, Chrome on both my Ubuntu and Windows machines updated to
version 58.0.3029.81.  It appears that this version of Chrome will not
trust certificates based on Common Name.  Looking at the Chrome
documentation and borne out by one of the messages, from Chrome 58,
the subjectAltName is required to identify the DNS name of the host that
the certificate is issued for.  I would be grateful if someone could point
me in the direction of how to recreate my SSL certificates so that
the subjectAltName is populated.

Thanks in advance
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to