User is unable to access HTTPS sites when using the Symantec Web Security.cloud Service in combination with browser, Google Chrome version 58 and above.
Your connection is not private
Attackers might be trying to steal your information from www.domain.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
Google Chrome has deprecated the use of the Common Name field of an SSL certificate.
This is currently being reviewed by our development team as a potential change in a future version of our Web Security.cloud service offering, but there is no release date currently available.
As a workaround, a Windows registry key can be created to allow Google Chrome to use the commonName of a server certificate to match a hostname if the certificate is missing a subjectAlternativeName extension, as long as it successfully validates and chains to a locally-installed CA certificates.
To create a Windows registry key, simply follow these steps:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome] "EnableCommonNameFallbackForLocalAnchors"=dword:00000001
Go to File > Save as
Make sure to select Save as type: All Files
Name the file under filename: enable_cn.reg
Select a preferred location for the file
Click on Save
Double click on the saved file to run
Click on Yes on the Registry Editor warning
It is recommended to back up your registry in Windows before making any changes. See the following Microsoft KB article on how to back up and restore the registry in Windows.
Note: This registry key change can be deployed to all users via group policy management console in Windows server operating systems.