The following error message is seen in the browser when trying to connect to z/OSMF for the first time using internally signed certificates for the HTTPS connection:

NET::ERR_CERT_COMMON_NAME_INVALID

Clicking on "Advanced" provides the following message:

The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.

1. The PERSONAL certificate will need to be re-created by specifying an ALTNAME parameter on the GENCERT. The altname DOMAIN should match the domain name specified for the CN field. An IP address can also be specified in ALTNAME if desired. 
   
   GENCERT IZUSVR.cert01 -
   SUBJ(CN=‘server.domain.example.com’) -
   ALTNAME(DOMAIN=server.domain.example.com) -
   LABEL(DefaultzOSMFCert.IZUDFLT) SIZE(2048) -
   SIGNWITH(CERTAUTH LABEL(zOSMFCA)) -          
   EXPIRE(xx/xx/xxxx) 
    
2. After certificate recreation, attach the certificate to the appropriate KEYRING:
   
   CONNECT CERTDATA(IZUSVR.cert01)  KEYRING(IZUSVR.keyr01) DEFAULT
   
   
3. Issue the following rebuild commands:
   
   F ACF2,REBUILD(USR),CLASS(P)
   F ACF2,OMVS
   
   
4. The IZUSVR1 task will need to be re-started in order to read in the changes to the keyring.