wildcard domain name matching fails with an underscore in the subdomain

RESOLVED DUPLICATE of bug 1136616

Status

Core
Security
3 years ago
3 years ago

People

(Reporter: wweilep, Unassigned)

Tracking

36 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Build ID: 20150222232811

Steps to reproduce:

Attempted to view SSL content on a subdomain with an underscore in the subdomain portion of the URL.

In this case, I am using S3 on AWS.
https://a_b.amazonaws.com/public/images/image.jpg will return:

a_b.s3.amazonaws.com uses an invalid security certificate. The certificate is only valid for the following names: *.s3.amazonaws.com, s3.amazonaws.com (Error code: ssl_error_bad_cert_domain)

But if you alternately use other characters such as a dash ( a-b.s3.amazonaws.com ) the certificate successfully validates.

The wildcard SSL was properly tested to be working correctly in 31 Branch and 33 Branch, but is broken in 36 Branch. We suspect 35 Branch was working, but have not yet confirmed.


Actual results:

ssl_error_bad_cert_domain

full text:
a_b.s3.amazonaws.com uses an invalid security certificate. The certificate is only valid for the following names: *.s3.amazonaws.com, s3.amazonaws.com (Error code: ssl_error_bad_cert_domain)


Expected results:

Wildcard SSL Certificate successfully verified, content displayed.
(Reporter)

Comment 1

3 years ago
I made a slight mistake when typing the test case URL: https://a_b.amazonaws.com/public/images/image.jpg should actually be https://a_b.s3.amazonaws.com/public/images/image.jpg (missed an entire subdomain level of .s3. ).

Comment 2

3 years ago
Related: https://bugzilla.mozilla.org/show_bug.cgi?id=1136838

Comment 3

3 years ago
Another test url: https://sand_object_assets.s3.amazonaws.com/ff36-bug1136838-bjorn/test.gif
Component: Untriaged → Security
OS: Windows 8.1 → All
Product: Firefox → Core
Hardware: x86_64 → All
See Also: → bug 1136838
Thanks for filing this. We're tracking the issue in bug 1136616.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1136616
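
The symptom reported above, as an added Python illustration (not Firefox code and not part of the bug): a wildcard matcher run over the certificate names and hostnames quoted in the report. The report does not state the cause, so this assumes the requested hostname's labels are checked against a letters-digits-hyphen rule before wildcard matching; all function and constant names are hypothetical.

```python
import re

# Constructed inputs: the certificate names quoted in the error message above.
CERT_NAMES = ["*.s3.amazonaws.com", "s3.amazonaws.com"]

# ASSUMPTION (not stated in the bug): the strict rule accepts only letters,
# digits and hyphen in a label; the lenient rule additionally accepts "_".
LDH_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
LENIENT_LABEL = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")


def labels_of(name):
    """Lower-case a DNS name, drop a trailing dot, split into labels."""
    return name.lower().rstrip(".").split(".")


def matches(pattern, host, label_re):
    """Match one certificate DNS name against the requested host.

    '*' is honoured only as the whole left-most label and stands for
    exactly one label; every host label must satisfy label_re.
    """
    p, h = labels_of(pattern), labels_of(host)
    if len(p) != len(h):
        return False
    if not all(label_re.fullmatch(label) for label in h):
        return False  # host syntax rejected before any name comparison
    if p[0] == "*":
        # Require at least two fixed labels to the right of the wildcard.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def host_is_valid_for(cert_names, host, allow_underscore):
    """True if any certificate name covers host under the chosen label rule."""
    label_re = LENIENT_LABEL if allow_underscore else LDH_LABEL
    return any(matches(name, host, label_re) for name in cert_names)


if __name__ == "__main__":
    # Hosts from the report, plus one extra-label host (constructed).
    for host in ("a-b.s3.amazonaws.com", "a_b.s3.amazonaws.com",
                 "a_b.amazonaws.com", "x.a_b.s3.amazonaws.com"):
        print(host,
              "strict:", host_is_valid_for(CERT_NAMES, host, False),
              "lenient:", host_is_valid_for(CERT_NAMES, host, True))
```

Accepting the underscore changes only which characters a label may contain; the wildcard still covers a single left-most label, so a_b.amazonaws.com (the mistyped URL from the description) and hosts with an extra label stay rejected under both rules.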