Clarity

  • 1.  Chrome 58 - Not secure, certificates must have Subject Alternative Name

    Posted Apr 21, 2017 04:15 AM

    As of Chrome 58 released yesterday, certificates must have a "Subject Alternative Name".

    If your organisation is using a self signed certificate with CA PPM, there's a good chance it doesn't have it. 

    The user will be presented with this warning.

     

     

     

    Two options

     

    Read more

    700595 - Chrome no longer accepts certificates that fallback to common name (ERR_CERT_COMMON_NAME_INVALID) - chromium… 

     

    Hopefully the information saves you some pain this Friday!



  • 2.  Re: Chrome 58 - Not secure, certificates must have Subject Alternative Name

    Posted Apr 21, 2017 04:27 AM

    Now if you are still in 13.x where FF is not supported, which of these options can be used in an environment where the IT decides what to do with the certs and the users do not have access to their registries?



  • 3.  Re: Chrome 58 - Not secure, certificates must have Subject Alternative Name

    Posted Apr 21, 2017 04:31 AM

    The sysadmins can push a group policy update very easily.

    However I do recommend to update the certificate as soon as possible.



  • 4.  Re: Chrome 58 - Not secure, certificates must have Subject Alternative Name

    Posted Apr 21, 2017 06:01 AM

    Thanks, I did not get any error with Chrome 58, so apparently the cert has been already upgraded.



  • 5.  Re: Chrome 58 - Not secure, certificates must have Subject Alternative Name

    Posted Apr 21, 2017 06:05 AM

    it's been best practice for about 10 years, so in your case it's likely always been that way.