I’ve just replaced the certificate on my Unifi controller due to the Google Chrome warnings about certificates with no subject alternative name extensions. I had to use my strongest Google-Fu and search for “Unifi Controller Import Externally Generated Certificate”. It was pretty hard finding all the details I needed so this is my gift to
This post details how I’ve been using OpenSSL to generate CSR’s with Subject Alternative Name Extensions. You may have noticed that since Chrome 58, certificates that do not have Subject Alternative name extensions will show as invalid. Amazing, I must have missed the memo on that. Most of the certificates I use in my home