Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Chrome Certificate

Shannon Adams

Anyone else experiencing issues with Chrome's new version 58 and invalid PeopleSoft certificates? Our issue started on Friday, 4/21/2017 and impacts anyone when Chrome updates from version 57 to version 58, with a hard stop. We are having to point all users to use IE.

2 Posts
266 Views

Charlie Sinks

Hi Shannon,

Yes, we experienced the same issue. Basically anybody who's using a certificate that has a Common Name (CN) but no Subject Alternative Name (SAN) is receiving this error in Chrome. Here's a link with some discussion and further links to info about it:
https://www.reddit.com/r/sysadmin/comments/677hep/chrome_58_not_supporting_self_signed_certificates/

(Beware some angry comments in the discussion!)

The fix is to generate a certificate request that includes at least one DNS entry in the SAN extension. I use Keystore Explorer to generate my certs and would be happy to share some info on that. I'm sure there's also documentation about how to do this using keytool or other methods, depending on your tool of choice. I'm not sure if 'pskeymanager' supports creating this extension.

Charlie