Previews trigger error message when certificate Subject Alternative Name is not Common Name

[Gummikavalier]

Search before asking

• [X] I had searched in the issues and found no similar issues.

Operating System

• [ ] macOS
• [X] Windows
• [ ] Linux

Operating System Version

No response

It happens on the web browser too?

No, it just happens on the Desktop app

Rocket.Chat Desktop App Version

3.9.11

Rocket.Chat Server Version

6.5.0

Describe the bug

Previews trigger error an message when certificate has several Subject Alternative Names and the one is not also the Common Name.

Multiple names for a site are common in multilingual countries. In this case CN is research.fi and it has several SANs, one of them being tiedejatutkimus.fi.

Picture of the names of the certificate in Firefox:

How to Reproduce

1. Have link previews enabled in messages
2. Type into the message https://tiedejatutkimus.fi/ to trigger the URL-preview.
3. Clean the cache and reload the client
4. Check the message again

You will get an error message that complains that tiedejatutkimus.fi name is not a valid certificate for the CN when the preview should be rendered.

Describe your Expected behavior

The preview should accept any Subject Alternative Name from the certificate instead of relying only on the Common Name to check the validity of the certificate.

Anything else

I'm forwarding this error and don't currently have option to test this properly myself. If you cannot reproduce the issue just with those four steps, I'll look at the triggering factor closer.

But it looked solid enough to report because of the certificate error description already.

Are you willing to submit a code contribution?

• [ ] Yes, I am willing to submit a Pull Request!