Closed Bug 1283508 Opened 8 years ago Closed 8 years ago

If sub-domain ends in a hyphen then wild-card certificate is rejected on HTTPS connection

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
47 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1184059

People

(Reporter: jpsingleton, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0 Build ID: 20160623154057 Steps to reproduce: Attempt to load https://ah-.github.io/rdkafka-dotnet/ in Firefox 47.0.1 (Windows or OS X) Actual results: ah-.github.io uses an invalid security certificate. The certificate is only valid for the following names: www.github.com, *.github.com, github.com, *.github.io, github.io, *.githubusercontent.com, githubusercontent.com Error code: SSL_ERROR_BAD_CERT_DOMAIN Expected results: This should load correctly as the certificate is valid for the sub-domain. The HTTP version (http://ah-.github.io/rdkafka-dotnet/) works and HTTPS sub-domains not ending in a hyphen work e.g. https://jpsingleton.github.io/. https://ah-.github.io/rdkafka-dotnet/ loads correctly in Chrome and Safari.
Component: Untriaged → Security: PSM
Product: Firefox → Core
Maybe bug: Brian Smith — Bug 1089104: Add support for TeletexString-encoded CN-IDs to CheckCertHostname, r=keeler
Flags: needinfo?(brian)
Thank you for filing this bug. The issue is being tracked in bug 1184059.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Flags: needinfo?(brian)
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.