Description:

GENERAL: What should I do if I get an "x509: certificate relies on legacy Common Name field" error?

AuthorFullName__c
Elina Floim
articleNumber
000005188
ft:sourceType
Salesforce
FirstPublishedDate
2021-12-27T08:19:57Z
lastModifiedDate
2022-05-31
VersionNumber
5

x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0

This error indicates that the SSL certificate does not comply with the changes introduced in GoLang 1.15.

Since Go version 1.15, the deprecated, legacy behavior of treating the CommonName field on X.509 certificates as a hostname when no Subject Alternative Names (SAN) are present is now disabled by default. 

This may affect existing SSL certificates and any secure connection relying on these certificates, including databases, clients (such as Docker), and applications.