I can confirm that I see this behaviour too. My ipa server install is a
pretty stock install with no 3rd party certificates.

On Thu, Apr 20, 2017 at 5:46 PM, Simon Williams <
simon.willi...@thehelpfulcat.com> wrote:

> Yesterday, Chrome on both my Ubuntu and Windows machines updated to
> version 58.0.3029.81.  It appears that this version of Chrome will not
> trust certificates based on Common Name.  Looking at the Chrome
> documentation and borne out by one of the messages, from Chrome 58,
> the subjectAltName is required to identify the DNS name of the host that
> the certificate is issued for.  I would be grateful if someone could point
> me in the direction of how to recreate my SSL certificates so that
> the subjectAltName is populated.
>
> Thanks in advance
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to