Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-9325: IWA fails using Chrome browser version 58 or higher.

App Access Service ,   App Gateway Service ,   Mac & PC Management Service ,   Privileged Access Service ,  

13 October,17 at 11:41 PM


When launching the Centrify User and Admin Portals or a single-sign on application integrated with Centrify, the IWA service fails to silently authenticate. Since version 58, Chrome requires SSL certificates to use SAN (Subject Alternative Name) instead of the popular Common Name (CN), thus CN support has been removed. If you're using self signed certificates having only the CN (common name) defined, you receive an error as such:

User-added image


The Centrify Connector IWA Service host is using a self-signed certificate that does not contain a SAN (subject alternative name).  
User-added image


A. Generate a new self-signed certificate that contains the Centrify Connector hostname(s) in the SAN (subject alternative name) using IIS or OpenSSL. 

1) Upload the new self-signed certificate at the Centrify Admin Portal > Settings > Network > Centrify Connectors > Select the Connector > IWA Service > Upload

User-added image

2) Restart the Centrify Connector Service at Start > Administrative Tools > Services

User-added image

B. Revert back to the default Centrify IWA certificate, re-registering the connector. 

1. Go to Start > All Programs > Centrify > Centrify Connector Configuration > Connector tab > Re- register

User-added image


Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.