When creating a CSR (certificate signing request) in TrendMiner it is important to always include a SAN (subject alternative name).
What is a SAN?
It is a field in an SSL certificate that allows a single certificate to secure multiple domain names, subdomains, or IP addresses. This is useful for protecting various websites on a single IP address or for securing a main domain along with its variants.
Why is it mandatory to fill in a SAN?
Browsers used to rely on the CN (common name), but this has led to security vulnerabilities.
That is why standards have been updated to require browsers to use the SAN extension.
All modern browsers ignore the CN and strictly validate hostnames via SAN.
If you leave SAN empty, your CA will issue a certificate without valid hostnames, and TrendMiner will appear as “Not secure” even with a signed certificate.
Where can I fill in the SAN during creation of a CSR?
When creating a SAN in Edge manager, the SAN can be filled in at the bottom of the Certificate Signing Request (Yellow arrow).
After generating the request, you can download the CSR by clicking the download button at the top (Green arrow).
More info on configuring SSL in TrendMiner can found here:
https://documentation.trendminer.com/en/ssl-configuration.html