Forum Discussion
1 Reply
Sort By
- Stanislas_Piro2Cumulonimbus
RFC describe following behavior :
- if both SAN and subject are defined, the only value that is checked to match server name matches is SAN
- if only subject is defined, the server name must match subject.
So SAN is not mandatory, ...
But Google Chrome decided to change rules since 2017... google chrome obsoletes subject validation and requires SAN as the only valid server name field.