Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Flamba
New Contributor

SSL VPN Certificate Error

Hi guys,

when i connect to my FG100D web portal i get an error ...  the portal works but is not in https.

There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID). and this:

Subject Alternative Name missing The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address. what i can do ?  Thank's to all. Flamba
3 REPLIES 3
emnoc
Esteemed Contributor III

Provide a snapshot for the "SUBJECT" field for the certifciate or upload the certificate.

 

Ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
oheigl
Contributor II

This is a check in the newer versions of Chrome. Make sure that the certificate contains the CN in the subject alternative part of the CSR as a DNS entry. You can create a CSR on the FortiGate which meets this requirements like this:

emnoc
Esteemed Contributor III

FWIW

 

All modern browsers  warn and reject when you have a SAN-cert field and a improper  SAN entry. The CN is not looked at if a Subject AltName field is populated. The CN in these certificate can be any thing that you want " e.g dns name, name, blahblahblah,email,etc........"

 

 

Ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors