SSL settings should allow requesting SAN certificates (Subject Alternative Names)

In the CSR request process a feature should be added to allow SAN certificates. This would help clients access the K1000 with a variety of internal and external host names without certificate errors.

23 votes

Anonymous shared this idea · Apr 14, 2014 · Report… · Admin →

under review · Jun 24, 2020

Show previous admin responses (1)

An error occurred while saving the comment

Steven New commented · April 22, 2022 2:27 PM · Report

For the K200 as well

Submitting...
Andrew McNaughton commented · August 15, 2018 2:21 AM · Report

This is resolved for the SMA but not the SDA v5.1. I have not been able to check SDA v6.0 yet.

Submitting...
Anonymous commented · May 5, 2017 12:13 PM · Report

Now that Google Chrome has de facto neutered any TLS certificates that omit a SAN field containing the DNS hostname, this has become a big issue for us. Only alternative is to manually generate a CSR outside of the K1000 (good luck learning OpenSSL from the commandline!) and import the private + public key pair afterward.

Submitting...
Joe Magazu commented · May 4, 2017 10:50 AM · Report

Is there a workaround for now?

Submitting...
Simon Davies commented · April 27, 2017 10:59 AM · Report

With Google Chrome no longer supporting Certs without a SAN, it is vital that this get resolved ASAP

Submitting...
MariuszM-C commented · March 7, 2017 9:41 AM · Report

I second that!

Submitting...