https://community.qlik.com/t5/Official-Support-Articles/Qlik-Sense-Enterprise-on-Windows-and-Chrome-58-SSL-Certificates/ta-p/1715946 <P><SPAN>Google Chrome 58 and higher displays a “Your connection is not private” warning when accessing Qlik Sense Hub or QMC.&nbsp;</SPAN></P> <P><SPAN>The same issue might also be seen for other non-Qlik-related HTTPS URLs. </SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="your connection is not private.png" style="width: 999px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/54529iA3858308DA2CB682/image-size/large?v=v2&amp;px=999" role="button" title="your connection is not private.png" alt="your connection is not private.png" /></span></P> <P> </P> <H4><FONT color="#339966"><STRONG>Environment</STRONG></FONT></H4> <P class="lia-indent-padding-left-30px"><SPAN>Qlik Sense Enterprise on Windows<BR /><BR /></SPAN></P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P>The issue can be resolved differently depending on the Qlik Sense version and the certificate authority in use. A temporary solution can be to ignore the browser warning or to use another browser. Permanent solutions depend on the current version of Qlik Sense.</P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>3<SUP>rd</SUP> party certificates</STRONG></FONT></H4> <P>Qlik Sense sites that use 3<SUP>rd</SUP> party certificates, have to be updated by acquiring an updated certificate from the certificate provider. Please consult local IT team for more guidance on how to apply a certificate update.</P> <H4><FONT color="#339966"><STRONG>Qlik Sense Standard self-signed certificates</STRONG></FONT></H4> <P>Certificates self-signed by Qlik Sense do not contain the “Subject Alternative Name” attribute. A possible solution is to configure Google Chrome to allow certificates issued by local trust anchors that are missing the subjectAlternativeName, which can be done by setting <EM>HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ EnableCommonNameFallbackForLocalAnchors= dword :1</EM> in the Windows Registry.</P> <BLOCKQUOTE class="quote">Changes to the Windows registry can lead to severe system problems if not applied accurately.</BLOCKQUOTE> <P>See attached .reg file as a reference to applying <EM>EnableCommonNameFallbackForLocalAnchors</EM> in the Windows registry.</P> <P>&nbsp;</P> <H3><STRONG><FONT color="#339966">Cause</FONT></STRONG></H3> <P>This issue is caused by Google Chrome 58 (and later) requiring the “Subject Alternative Name” attribute, including the “DNS Name” value. See Google Chrome issues 308330 as reference.<BR /><A href="https://bugs.chromium.org/p/chromium/issues/detail?id=308330" target="_blank" rel="noopener" data-cke-saved-href="https://bugs.chromium.org/p/chromium/issues/detail?id=308330">https://bugs.chromium.org/p/chromium/issues/detail?id=308330</A><BR /><SPAN>RFC6125 (</SPAN><A href="https://tools.ietf.org/html/rfc6125" target="_blank" rel="noopener" data-cke-saved-href="https://tools.ietf.org/html/rfc6125"><SPAN>https://tools.ietf.org/html/rfc6125</SPAN></A><SPAN>) definition of “</SPAN>Subject Alternative Name<SPAN>”;</SPAN><BR />&nbsp;<BR /><EM>&nbsp;&nbsp; If a subjectAltName extension of type dNSName is present, that MUST</EM><BR /><EM>&nbsp;&nbsp; be used as the identity. Otherwise, the (most specific) Common Name</EM><BR /><EM>&nbsp;&nbsp; field in the Subject field of the certificate MUST be used. Although</EM><BR /><EM>&nbsp;&nbsp; the use of the Common Name is existing practice, it is deprecated and</EM><BR /><EM>&nbsp;&nbsp; Certification Authorities are encouraged to use the dNSName instead.</EM><BR /><BR />This is an example of a certificate that will work without issue in Chrome 58 or higher. Note the highlighted portions:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="google chrome compatible certificates.png" style="width: 999px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/54528i25B10527DDD6508C/image-size/large?v=v2&amp;px=999" role="button" title="google chrome compatible certificates.png" alt="google chrome compatible certificates.png" /></span></P> <DIV id="tinyMceEditorSonja_Bauernfeind_1" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> Fri, 10 Apr 2026 10:26:20 GMT Andre_Sostizzo 2026-04-10T10:26:20Z https://community.qlik.com/t5/Official-Support-Articles/Qlik-Sense-Enterprise-on-Windows-and-Chrome-58-SSL-Certificates/ta-p/1715946 <P><SPAN>Google Chrome 58 and higher displays a “Your connection is not private” warning when accessing Qlik Sense Hub or QMC.&nbsp;</SPAN></P> <P><SPAN>The same issue might also be seen for other non-Qlik-related HTTPS URLs. </SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="your connection is not private.png" style="width: 999px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/54529iA3858308DA2CB682/image-size/large?v=v2&amp;px=999" role="button" title="your connection is not private.png" alt="your connection is not private.png" /></span></P> <P> </P> <H4><FONT color="#339966"><STRONG>Environment</STRONG></FONT></H4> <P class="lia-indent-padding-left-30px"><SPAN>Qlik Sense Enterprise on Windows<BR /><BR /></SPAN></P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P>The issue can be resolved differently depending on the Qlik Sense version and the certificate authority in use. A temporary solution can be to ignore the browser warning or to use another browser. Permanent solutions depend on the current version of Qlik Sense.</P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>3<SUP>rd</SUP> party certificates</STRONG></FONT></H4> <P>Qlik Sense sites that use 3<SUP>rd</SUP> party certificates, have to be updated by acquiring an updated certificate from the certificate provider. Please consult local IT team for more guidance on how to apply a certificate update.</P> <H4><FONT color="#339966"><STRONG>Qlik Sense Standard self-signed certificates</STRONG></FONT></H4> <P>Certificates self-signed by Qlik Sense do not contain the “Subject Alternative Name” attribute. A possible solution is to configure Google Chrome to allow certificates issued by local trust anchors that are missing the subjectAlternativeName, which can be done by setting <EM>HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ EnableCommonNameFallbackForLocalAnchors= dword :1</EM> in the Windows Registry.</P> <BLOCKQUOTE class="quote">Changes to the Windows registry can lead to severe system problems if not applied accurately.</BLOCKQUOTE> <P>See attached .reg file as a reference to applying <EM>EnableCommonNameFallbackForLocalAnchors</EM> in the Windows registry.</P> <P>&nbsp;</P> <H3><STRONG><FONT color="#339966">Cause</FONT></STRONG></H3> <P>This issue is caused by Google Chrome 58 (and later) requiring the “Subject Alternative Name” attribute, including the “DNS Name” value. See Google Chrome issues 308330 as reference.<BR /><A href="https://bugs.chromium.org/p/chromium/issues/detail?id=308330" target="_blank" rel="noopener" data-cke-saved-href="https://bugs.chromium.org/p/chromium/issues/detail?id=308330">https://bugs.chromium.org/p/chromium/issues/detail?id=308330</A><BR /><SPAN>RFC6125 (</SPAN><A href="https://tools.ietf.org/html/rfc6125" target="_blank" rel="noopener" data-cke-saved-href="https://tools.ietf.org/html/rfc6125"><SPAN>https://tools.ietf.org/html/rfc6125</SPAN></A><SPAN>) definition of “</SPAN>Subject Alternative Name<SPAN>”;</SPAN><BR />&nbsp;<BR /><EM>&nbsp;&nbsp; If a subjectAltName extension of type dNSName is present, that MUST</EM><BR /><EM>&nbsp;&nbsp; be used as the identity. Otherwise, the (most specific) Common Name</EM><BR /><EM>&nbsp;&nbsp; field in the Subject field of the certificate MUST be used. Although</EM><BR /><EM>&nbsp;&nbsp; the use of the Common Name is existing practice, it is deprecated and</EM><BR /><EM>&nbsp;&nbsp; Certification Authorities are encouraged to use the dNSName instead.</EM><BR /><BR />This is an example of a certificate that will work without issue in Chrome 58 or higher. Note the highlighted portions:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="google chrome compatible certificates.png" style="width: 999px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/54528i25B10527DDD6508C/image-size/large?v=v2&amp;px=999" role="button" title="google chrome compatible certificates.png" alt="google chrome compatible certificates.png" /></span></P> <DIV id="tinyMceEditorSonja_Bauernfeind_1" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> Fri, 10 Apr 2026 10:26:20 GMT https://community.qlik.com/t5/Official-Support-Articles/Qlik-Sense-Enterprise-on-Windows-and-Chrome-58-SSL-Certificates/ta-p/1715946 Andre_Sostizzo 2026-04-10T10:26:20Z