Cant able to access server by its common name

I have one server Certificate installed on apache server that have following feilds

1) Common Name : 192.168.0.107

2) Subject Alternative Name : IP:192.168.0.108,IP:192.168.0.109

When browser access any of the subject alternative name then browser shows green padlock ( secure connection) but when i try to access server by its common name browser shows (insecure connection). why this is happening is there any fault in my certificate? please help me out with this

Note : I have installed root certificate on browser

1 answer

  • answered 2019-04-18 15:15 pedrofb

    Since HTTP over TLS was introduced in 2000 an defined by RFC2818 the use of the commonName field has been considered deprecated and if SubjectAlternativeName is present, it must be used.

    If a subjectAltName extension of type dNSName is present, that MUSTbe used as the identity. Otherwise, the (most specific) Common Name field in the Subject field of the certificate MUST be used. Although the use of the Common Name is existing practice, it is deprecated and Certification Authorities are encouraged to use the dNSName instead.

    Most browsers require currently the SAN extension and do not even accept certificates with only CN. See https://security.stackexchange.com/questions/172626/chrome-requires-san-names-in-certificate-when-will-other-browsers-ie-follow