In the latest version of Google chrome (58 but maybe even in 57), Chrome requires certificates to specify the host name(s) in the SubjectAltName field (SAN). Firefox latest update is following the same method. Values in the subject field will be ignored.
Certificates that rely on this deprecated behavior will now be rejected with:
The affected certificates are often locally generated ones for development purposes, or are part of a private PKI. The solution is to re-generate the certificates to include a Subject Alternative Name extension, or to enable an option in Chrome to allow them.