Tags: ssl-certificate, microsoft-edge-chromium, iis-10, windows-server-2019

Setup Certificate Across Domain With IIS


I have the following installed on the same physical Windows Server 2019:

  • Domain Controller (domain name XXX.local, hostname YYY)
  • Certificate Authority
  • IIS Server (with only default website)

I also have a couple of Linux web page servers and Cisco routers/switches.

I'd like to use HTTPS but avoid the Not Secure warning page; the following is what I've done.

  1. I opened IIS Manager, went to Server Certificates, chose Create Domain Certificate, and filled in the CN (Common Name) as YYY and the Organizational Unit as XXX.local.
  2. Right-clicked the Default Web Site, Edit Bindings. Type https, selected the SSL certificate just created. Nothing else is filled in.
  3. Viewed the certificate, Copy to File, exported it to a shared folder, installed it on a client PC which belongs to the domain. Verified that the Trusted Root CA is listed correctly.
  4. Cleared the cache and DNS records on the client machine, restarted the website on the server machine.

Yet I still get an error page stating that the Common Name is invalid.

What am I missing? What do I need to do, to properly assign certificates to the rest of the webpages?

----------------update 2020-09-08---------------------

I've recreated a new certificate with YYY.XXX.local as the CN, the same name as the friendly name of the CA. It worked for Internet Explorer, yet it still doesn't work for Chrome and the new Edge (Chromium core). I tried to import the certificate and restart the browser, but it refused to show up somehow.

Please note that through the whole time, the computer is within the same domain, thus, the Root CA certificate is installed. In fact, after I removed every 'manually imported' certificate, IE still works for me.

Difference viewing certificates from mmc and from browser settings


Solution

  • I got it working.

    After some research: the certificate is missing the SAN (Subject Alternative Name) parameter. Chromium doesn't trust any certificate whose SAN is empty.

    But requesting a certificate directly from IIS Manager doesn't offer any option to modify the SAN parameter.

    The solution is to create a custom certificate request from the local machine certificate manager, editing CN, SAN (typically DNS), etc. Then copy/paste the generated .req file content to http://localhost/certsrv/, download and install the approved certificate, then bind it to the website in IIS Manager.
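As an added example (not part of the original answer), here is the same workflow scripted with certreq and the WebAdministration module, including the check that the issued certificate actually carries the SAN Chromium requires; the host name YYY.XXX.local, the CA config string, and the WebServer template name are assumptions you must replace with your own.

```powershell
# Added example (not the original post's code): request a web-server cert with a SAN,
# install it, verify the SAN, and bind it in IIS. Assumes host YYY.XXX.local, a CA
# config placeholder, and a "WebServer" template the server may enroll against. Run elevated.
$fqdn     = "YYY.XXX.local"
$caConfig = "YYY.XXX.local\CA-NAME-PLACEHOLDER"   # real value: certutil -dump

# 1. certreq INF: the [Extensions] section adds the SAN (OID 2.5.29.17) that the
#    IIS Manager "Create Domain Certificate" wizard omits.
$inf = @"
[Version]
Signature="`$Windows NT`$"
[NewRequest]
Subject = "CN=$fqdn, OU=XXX.local"
KeyLength = 2048
KeySpec = 1
KeyUsage = 0xA0
MachineKeySet = TRUE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
RequestType = PKCS10
HashAlgorithm = sha256
[Extensions]
2.5.29.17 = "{text}"
_continue_ = "dns=$fqdn&"
_continue_ = "dns=YYY&"
[RequestAttributes]
CertificateTemplate = WebServer
"@
Set-Content -Path .\san.inf -Value $inf -Encoding ASCII

# 2. Build the CSR, submit it to the enterprise CA and install the issued
#    certificate in the machine store (the certreq form of the certsrv copy/paste).
certreq -new .\san.inf .\san.req
certreq -submit -config $caConfig .\san.req .\san.cer
certreq -accept .\san.cer

# 3. Check: the installed certificate must list the host in its SAN, or
#    Chromium-based browsers will still reject it.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like "CN=$fqdn*" } |
    Sort-Object NotBefore -Descending | Select-Object -First 1
$sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
if (-not $sanExt -or $sanExt.Format($true) -notmatch [regex]::Escape($fqdn)) { throw "SAN missing $fqdn" }

# 4. Bind the certificate to the Default Web Site on port 443.
Import-Module WebAdministration
if (-not (Get-WebBinding -Name 'Default Web Site' -Protocol https -Port 443)) {
    New-WebBinding -Name 'Default Web Site' -Protocol https -Port 443
}
$cert | New-Item -Path 'IIS:\SslBindings\0.0.0.0!443' | Out-Null
```

If the CA does not auto-issue for the template, `certreq -submit` prints a request ID that a CA administrator must approve before `certreq -accept` can run.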