I can confirm that I see this behaviour too. My ipa server install is a pretty stock install with no 3rd party certificates.
On Thu, Apr 20, 2017 at 5:46 PM, Simon Williams < simon.willi...@thehelpfulcat.com> wrote: > Yesterday, Chrome on both my Ubuntu and Windows machines updated to > version 58.0.3029.81. It appears that this version of Chrome will not > trust certificates based on Common Name. Looking at the Chrome > documentation and borne out by one of the messages, from Chrome 58, > the subjectAltName is required to identify the DNS name of the host that > the certificate is issued for. I would be grateful if someone could point > me in the direction of how to recreate my SSL certificates so that > the subjectAltName is populated. > > Thanks in advance > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
