SSL VPN Certificate Error

Forum|Forum|8 years ago
September 14, 2017
1 reply
7656 views

Hi guys,

when i connect to my FG100D web portal i get an error ... the portal works but is not in https.

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID). and this:

Subject Alternative Name missing The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address. what i can do ? Thank's to all. Flamba

emnoc

New Member

Provide a snapshot for the "SUBJECT" field for the certifciate or upload the certificate.

Ken

oheigl

New Member

This is a check in the newer versions of Chrome. Make sure that the certificate contains the CN in the subject alternative part of the CSR as a DNS entry. You can create a CSR on the FortiGate which meets this requirements like this:

emnoc

New Member

FWIW

All modern browsers warn and reject when you have a SAN-cert field and a improper SAN entry. The CN is not looked at if a Subject AltName field is populated. The CN in these certificate can be any thing that you want " e.g dns name, name, blahblahblah,email,etc........"

Ken

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded