- 2 Posts
- 266 Views
Chrome Certificate
Anyone else experiencing issues with Chrome's new version 58 and invalid PeopleSoft certificates? Our issue started on Friday, 4/21/2017 and impacts anyone when Chrome updates from version 57 to version 58, with a hard stop. We are having to point all users to use IE.
Hi Shannon,
Yes, we experienced the same issue. Basically anybody who's using a certificate that has a Common Name (CN) but no Subject Alternative Name (SAN) is receiving this error in Chrome. Here's a link with some discussion and further links to info about it:
https://www.reddit.com/r/sysadmin/comments/677hep/chrome_58_not_supporting_self_signed_certificates/
(Beware some angry comments in the discussion!)
The fix is to generate a certificate request that includes at least one DNS entry in the SAN extension. I use Keystore Explorer to generate my certs and would be happy to share some info on that. I'm sure there's also documentation about how to do this using keytool or other methods, depending on your tool of choice. I'm not sure if 'pskeymanager' supports creating this extension.
Charlie