Firefox does not trust this site because it uses a certificate that is not valid for xxxxxxx
Hi,
We have internal website in our corporate with self-signed SSL certificate. And despite the fact that, the host name is listed in the "Subject Alternative Name" list, but the Firefox cannot see it. And the weird thing, that is showing my host name is the warring "he certificate is only valid for the following names: xxx,xxxx,xxxxx,xxxx. Please see the attached screenshot.
Kindly note the following points: 1. The certificate is added to the trusted root in the host machine and client machines. 2. The certificate is not expired yet. 3. The certificate is using strong algorithm (SHA256RSA) 4. We can only repro this issue with Firefox and couldn't repro by IE, Chrome, Opera or Vivaldi. 5. I'm using Windows Server 2016 Datacenter Version 1607 (OS Build 14393.2724) 6. I'm using the latest Firefox version (64.0.2 (64-bit)).
Wšykne wótegrona (4)
As to certificate problem each Browser handles them differently and since that is a internal website. This makes it harder since no one is going to be able to get to it or find what certificate it is issuing. So what has the IT department said about this certificate issue?
Hi Jemand, unfortunately your screenshot didn't come through. You could attach it to a new reply:
https://support.mozilla.org/questions/1246704#question-reply
It sounds a bit like "wierd SSL_ERROR_BAD_CERT_DOMAIN on wildcard domain" which we weren't able to solve.
Hi,
Thank you very much for your reply. I have attached the screenshot.
Best Regards, Jemand
WestEnd said
As to certificate problem each Browser handles them differently and since that is a internal website. This makes it harder since no one is going to be able to get to it or find what certificate it is issuing. So what has the IT department said about this certificate issue?
As I was explaining, it is a self-signed certificate, and I'm the one who created it. It seems a bug in Firefox as it cannot recognize the name of the machine between the list of the alternate subjects as highlighted in the attached screenshot with the previous reply. But, it works fine with domain formats like domainname.com.
Wót Jemand