Chrome ssl self-signed invalid but valid in IE

UCS - Univention Corporate Server
,
#1

Hello,

Like the title topic says, i’m having issues with and ucs server that have self signed certificate, i have the root certificate into the store via gpo and eveything works in internet explorer, only in chrome that does’nt work.

In developer tools security tab is says the problem is alternative name missing so, after some search i find this post Add Subject Alternative Names to existing Certificate and after follow it is solved.

Maybe the issue is because this server came from ucs 3.x and maybe the line never exists before?

Anyways it solve the issue

#2

Hey,

That’s indeed the cause. In earlier versions of UCS certificates were created without subjectAltName extensions. Nowadays most SSL implementations require it to be present.

Re-creating such certificates with subjectAltName set is the correct solution.

Kind regards
mosu

#3

@Moritz_Bunkus yeah that solve my problem… however still can’t put sso to work in that “master” server… could be something related to is “age”?

I cannot find the issue anywhere :confused:

Mastodon