How To add a SubjAltName extension with a default CN value in caServerCert profile for Red Hat Certificate System?

Solution In Progress - Updated -

Issue

Recent version of both Firefox and Chrome are saying a site is untrusted if the SubjAltName field in a certificate is empty and does not contain the name in the CN.
Is it possible to change the caServerCert profile to add a SubjAltName that matches the CN without having to add it manually when a user submits a CSR?
The behavior I would like to see is that a user submits a CSR as normal and the CN is added as a SAN to the cert without having to specify it in the request page.

Environment

Red Hat Enterprise Linux 7 / RHEL-7

Red Hat Enterprise Linux Server release 7.4 (Maipo)

Red Hat Certificate System 9 / RHCS-9

pki-ca-10.4.1-13.el7_4.noarch

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content