After upgrading Google Chrome to version 58, the default certificate for Advanced Threat Protection (ATP), ProxySG is listed as not secure even after the certificate is installed in the Trusted Root Certificate Authorities Store.
Two errors are listed:
The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.
There are issues with the site's certificate chain (net::ERR_CERT_COMMON_NAME_INVALID).
Chrome 58 has removed the ability to fallback to Common Name matching on certificates. In order for a certificate to be trusted in Chrome 58 or later, the certificate must include a Subject Alternative Name (SAN).
To work around the issue with the default certificate, you can re-enable Common Name fallback using the steps outlined in the following document: