The CA/Browser Forum Baseline Requirements for the issuance of publicly-trusted certificates prohibits the issuance of a certificate with a Subject Alternative Name (SAN) extension or Subject Common Name field containing a reserved IP address or Internal Server Name. This white paper explains this change, the reasons behind it, and suggests alternatives for affected subscribers.