Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Documentation - All
Labels:
- DocsBacklog

Support reference count:
1
Feedback Policy:

We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

Problem Definition

Chrome 58 and later releases require subjectAlternativeName (SAN) extension as per https://developers.google.com/web/updates/2017/03/chrome-58-deprecations#remove_support_for_commonname_matching_in_certificates

Please see related links on the changes

Suggested Solution

Update the documentation at https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html to share steps on

How to generate certificate with subjectAlternativeName extension using Keystore Explorer. We are already suggesting to use Keystore Explorer, but it would be good to have more details on that
- Portecle doesn't seem to support adding subjectAlternativeName on creation
How to generate certificate with subjectAlternativeName extension via Command line
- Reference; http://stackoverflow.com/questions/33827789/self-signed-certificate-dnsname-components-must-begin-with-a-letter

Why this is important

Chrome will throw an error on certificate generated without subjectAlternativeName extension. Other browsers will soon follow

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Rudy Slaiby

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 07/Jun/2017 2:37 PM

Updated:: 17/May/2022 8:55 PM