SSL settings should allow requesting SAN certificates (Subject Alternative Names)
In the CSR request process a feature should be added to allow SAN certificates. This would help clients access the K1000 with a variety of internal and external host names without certificate errors.
Steven New commented
For the K200 as well
Andrew McNaughton commented
This is resolved for the SMA but not the SDA v5.1. I have not been able to check SDA v6.0 yet.
Now that Google Chrome has de facto neutered any TLS certificates that omit a SAN field containing the DNS hostname, this has become a big issue for us. Only alternative is to manually generate a CSR outside of the K1000 (good luck learning OpenSSL from the commandline!) and import the private + public key pair afterward.
Joe Magazu commented
Is there a workaround for now?
Simon Davies commented
With Google Chrome no longer supporting Certs without a SAN, it is vital that this get resolved ASAP
I second that!