Invalid self signed SSL cert – “Subject Alternative Name Missing”

by

To fix this, you need to supply an extra parameter to openssl when you’re creating the cert, basically

-sha256 -extfile v3.ext

where v3.ext is a file like so, with %%DOMAIN%% replaced with the same name you use as your Common Name. More info here and over here. Note that typically you’d set the Common Name and %%DOMAIN%% to the domain you’re trying to generate a cert for. So if it was www.mysupersite.com, then you’d use that for both.

v3.ext

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = %%DOMAIN%%

Note: Scripts that address this issue, and create fully trusted ssl certs for use in Chrome, Safari and from Java clients can be found here

Another note: If all you’re trying to do is stop chrome from throwing errors when viewing a self signed certificate, you can can tell Chrome to ignore all SSL errors for ALL sites by starting it with a special command line option, as detailed here on SuperUser

More Related Contents:

  1. Getting Chrome to accept self-signed localhost certificate
  2. How to get Chrome to allow mixed content?
  3. Chrome redirects .dev to https
  4. Max memory usage of a chrome process (tab) & how do I increase it?
  5. How to stop Chrome from redirecting to HTTPS?
  6. Chrome blocks FastAPI file download using FileResponse due to using HTTP instead of HTTPS
  7. How to make audio autoplay on chrome
  8. How can I get the URL of the current tab from a Google Chrome extension?
  9. How can I open my extension’s pop-up with JavaScript?
  10. Where does Chrome store extensions?
  11. Python requests SSL error – certificate verify failed
  12. Content script matching top-level domains like all google.*
  13. How to force SSL / https in Express.js
  14. Java and HTTPS url connection without downloading certificate
  15. Chrome – org.openqa.selenium.WebDriverException: unknown error: cannot get automation extension at driver.manage().window().maximize();
  16. How to disable (gray out) page action for Chrome extension?
  17. “Inspect” a hover element?
  18. How to view or edit localStorage
  19. Facebook JavaScript SDK over HTTPS loading non-secure items
  20. HTTPS with NSURLConnection – NSURLErrorServerCertificateUntrusted
  21. Is it possible to inject a javascript code that OVERRIDES the one existing in a DOM? (e.g default alert function)
  22. How can I get the CSS Selector in Chrome?
  23. Check whether network response is coming from server or Chrome cache
  24. Disable download button for Google Chrome?
  25. Chrome – Disable cache for localhost only?
  26. Iframe in Chrome error: Uncaught SecurityError: Failed to read the ‘sessionStorage’ property from ‘Window’
  27. What is the proper HTTP response to send for requests that require SSL/TLS
  28. Passing message from background.js to popup.js
  29. Android SSL HttpGet (No peer certificate) error OR (Connection closed by peer) error
  30. Chrome v37/38 CORS failing (again) with 401 for OPTIONS pre-flight requests

Leave a Comment