Home » Categories » Multiple Categories

SSL Certificate does not validate properly

Issue:

The SSL certificate won't validate properly because the certificate didn't include any subject alternative names. Adding SAN (Subject Alternative Name” into “Additional Attributes” field on a Microsoft Certificate Authority certificate request form does not generate a certificate with a SAN entry.

Solution:

Solution 1

Please review the this article that describes the problem and solution. Essentially, you must run a script to correct the issue that the issuance policy of the Microsoft CA is not configured to accept the Subject Alternative Name(s) attribute via the CA Web enrollment page.

Then, when using the web certsrv, add this under the attributes:

san:dns=your.fqdn.xxx

Solution 2

Another possible solution is to pass the config file below (include your information) to openssl.

[ req ]
default_bits = 2048
prompt = no
distinguished_name = req_distinguished_name
req_extensions = req_ext
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = XXXX
localityName = XXXX
organizationName = XXXXXXX
commonName = your.fqdn.com
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = your.fqdn.com

Then, this when doing the CSR (Certificate Signing Request):

openssl req -new -key nagiosxi.key -out nagiosxi.csr -config thefile
0 (0)
Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Nagios XI - Troubleshooting Reports
Viewed 3056 times since Wed, Dec 5, 2018
Nagios XI - Downloading A System Profile
Viewed 2964 times since Wed, Jul 19, 2017
Nagios XI - Profile Build Failed
Viewed 5889 times since Tue, Aug 2, 2016
Nagios XI - Ajaxterm Installation Aborted
Viewed 2075 times since Tue, Jan 26, 2016
Nagios XI - Disabling Database UTF8 Connectivity
Viewed 2505 times since Thu, Mar 8, 2018
Nagios XI - NSP: Sorry Dave, I can’t let you do that
Viewed 16497 times since Tue, Jan 27, 2015
Nagios XI - Scheduled Backup Log Level
Viewed 2565 times since Tue, Apr 18, 2017
Nagios XI - Error while converting SVG
Viewed 2012 times since Thu, Aug 3, 2017
Disabling Port 113 IDENT Requests
Viewed 2557 times since Tue, Mar 12, 2019
Nagios XI - Problems with $ Signs in the Check Command
Viewed 3888 times since Tue, Jan 26, 2016