It’s a bit too long for tweet, then short entry here instead 🙂
TLDR;
Chrome will now require ssl certificate to have Subject Alternative Name (SubjectAltName, SAN) othewrise it won’t be trusted. Which this SubjectAltName mostly missing in selfsigned certificates.