Forum Discussion

Nimbostratus

Nov 08, 2016

SSL Certificate CSR Subject Alternative Names "DNS="

Hello, I have seen some certificates with something equivalent to "DNS=website.com" in the subject alternative name with the common name value being "website.com" and some certificates with nothing i...

Altostratus

Nov 09, 2016

Are the certs being issued from different CAs?

I think most big public CA SSL certs will have the FQDN(one or all) listed completely in the SAN section. The ones I work with do. If the SAN section exists, the clients should be ignoring the CN field. Additionally, the CN field is deprecated, despite current usage, and many apps/browsers are moving to only look at the SAN field.

Good Luck!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Certificate CSR Subject Alternative Names "DNS="

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

The Ingress NGINX Alternative: F5 NGINX Ingress Controller for the Long Term

DNS iRules: Protect Yourself From "ANY" Amplification Attacks

Automating Certificate Management on F5 BIG-IP

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS