I have my internet box provider who offers me a free subdomain to connect to my network, ex: xxxxx.provider.com
I have generated a self-signed certificate for the subdomain foo.provider.com I tried to install it in windows but it does not validate my certificate NET::ERR_CERT_COMMON_NAME_INVALID
Is it possible to generate a self-signed certificate on a subdomain and the main domain name does not belong to us?
A self signed certificate won't be trusted by any browser. What is the purpose of the certificate? If need a certificate that will work in browsers, you can use Let's Encrypt.
The comment to my post by dave_thompson_085 helped me solve this,
I added -addext "subjectAltName = DNS:xxxx.provider.com" and reimported the certificate into windows and it works fine now
Here is the command I used to generate my self-signed certificate
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -addext "subjectAltName = DNS:xxxx.provider.com" -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
I then answered Common Name (e.g. server FQDN or YOUR name) []: xxxx.provider.com
I then imported the certificate into my certificate manager in windows and it worked