Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Dec 11, 2018

SAN (Subject Alternative Name) query - is it mandatory ?

Hello Team,

What is Subject alternative name in the certificate? Is it mandatory to fill the SAN details?

Regards,

Dayesh

application delivery

1 Reply

Stanislas_Piro2
Cumulonimbus
Dec 12, 2018
RFC describe following behavior :

if both SAN and subject are defined, the only value that is checked to match server name matches is SAN
if only subject is defined, the server name must match subject.

So SAN is not mandatory, ...

But Google Chrome decided to change rules since 2017... google chrome obsoletes subject validation and requires SAN as the only valid server name field.

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

DevCentral News

F5 Academies Are Back – And We’re Coming to a City Near You

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5