Solved: Unity Certificate not matching from Godaddy - Page 2

NoBox · ‎09-22-2020

Hello when I create a CSR for my Unity Publisher server it looks like it automatically adds a SAN entry of my servers hostname instead of the FQDN. When I submit the CSR to Godaddy the cert comes back with a mismatch of the SAN entry and gives an error when trying to upload the cert that it does not match. Is there a way to remove the automatic SAN entry Unity is adding or somehow change that entry to the FQDN? I did reach out to Godaddy and explain they are removing the SAN entry and adding the FQDN for both the CN and SAN. They said they would manually create the cert, I received it back and still had the wrong SAN entry.

Roger Kallberg · ‎09-25-2020

As I wrote you don't need public certificates for this, you can use an internal CA as long as your clients that connects has the CA certificate in their trust store. No matter what CA you use the clients has to trust it and it does that by having the certificate for the CA in it's certificate trust store.

As @Nithin Eluvathingal wrote in one of his answers the GoDaddy CA certificates is usually not in the clients trust store.

public CA  like DigiCert( well known public CA)root certificate  will come   preloaded with our operating system. godaddy root CA will not be. so you need to install the godaddy root CA on the machine. if these machine are domain PC you can push the godaddy  root CA using GPO and your pc will not give u certificate warning.

So at a minimum you would need to make sure your clients have the CA certificate in their trust store on their computers/mobile phones or whatever device you use for this.

This is where you'd want to look at in a Windows OS.