Worth adding: The Subject CN has been deprecated for verification since 2000 by RFC and the CA/B Forum supports that. Within the industry, the existing usage of Subject CN is considered to be legacy support only, and I think the only non-deprecated usage is for UX. Several browsers and projects completely ignore the field.
jvanasco
22
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Common Name Support in acme.crypto_util | 25 | 308 | May 22, 2025 | |
| Questions re: Simplifying Issuance for Very Long Domain Names | 36 | 1968 | December 28, 2023 | |
| Common Name change after using --expand flag | 7 | 6819 | May 26, 2016 | |
| Certbot picks up wrong CN from the SAN list while renewing/creating cert | 10 | 1510 | August 17, 2023 | |
| Multiple UCC/SAN (multiple subdomain) certs, single common name? | 22 | 5772 | July 23, 2017 |