Etsi tuesta

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Lue lisää

Why does Firefox block secure sites that are trusted by a sub-ca cert if the site uses a non-standard port that isn't included in the SANs?

  • 3 vastausta
  • 1 henkilöllä on sama ongelma
  • 1 näyttö
  • Viimeisin kirjoittaja John

more options

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?
Liitetyt ruutukaappaukset

Valittu ratkaisu

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!

Lue tämä vastaus kontekstissaan 👍 0

Kaikki vastaukset (3)

more options

sometimes your add on preventing that with a pop up , or else check your FF settings if they are at default!!

it could be even something wrong with the site as well,

more options

I'm finding this question hard to research. I think that means it is supposed to work. If you want to file a bug:

https://bugzilla.mozilla.org/

more options

Valittu ratkaisu

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!