1349609 - wildcard certificate gives SSL_ERROR_BAD_CERT_DOMAIN error

Status: RESOLVED DUPLICATE of bug 1324096

(Core :: Security: PSM, defect)

Description

[kromg.kromg]

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170126153103

Steps to reproduce:

Hi, 
   I made up a CA for internal use and signed a wildcard certificate - say *.example.com - with this private CA. The CA is imported in Firefox.


Actual results:

Any host name - e.g. whatever.example.com - set up with the wildcard certificate gives SSL_ERROR_BAD_CERT_DOMAIN. They're NOT 2nd level subdomains.


Expected results:

I expected to be able to verify sites using the wildcard certificate. PLEASE NOTE: an older wildcard certificate signed from a different internal CA with sha1 signature algorithm works.

Comment 1

[:Cykesiopka]

Hi kromg,

Would you be able to provide what the Common Name and Subject Alternative Name entries (if any) of the wildcard cert look like (redacted is fine as long as everything is still representative)? It would make it a lot easier to confirm if this is a bug.

Thanks.

Comment 2

[kromg.kromg]

Hi, 
   certificate Common Name is *.example.local, it has no Subject Alternative Name. 

openssl x509 -in wildcard.example.local.cert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4101 (0x1005)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=IT, ST=XX, L=YY, O=ZZ, OU=ZZ, CN=ZZ Root CA/emailAddress=mail@example.local
        Validity
            Not Before: Mar 22 16:01:47 2017 GMT
            Not After : Feb 26 16:01:47 2117 GMT
        Subject: C=IT, ST=XX, O=ZZ, OU=ZZ, CN=*.example.local
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    [...]
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                [...]
            X509v3 Authority Key Identifier: 
                keyid:[...]
                DirName:/C=IT/ST=XX/L=YY/O=ZZ/OU=ZZ/CN=ZZ Root CA/emailAddress=mail@example.local
                serial:[...]

            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
    Signature Algorithm: sha256WithRSAEncryption
          [...]


And the CA certificate was imported into firefox:

openssl x509 -in ca.cert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11126988466676482946 (0x9a6b010ea01ec382)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=IT, ST=XX, L=YY, O=ZZ, OU=ZZ, CN=ZZ Root CA/emailAddress=mail@example.local
        Validity
            Not Before: Mar 22 14:03:36 2017 GMT
            Not After : Feb 26 14:03:36 2117 GMT
        Subject: C=IT, ST=XX, L=YY, O=ZZ, OU=ZZ, CN=ZZ Root CA/emailAddress=mail@example.local
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    [...]
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                [...]
            X509v3 Authority Key Identifier: 
                keyid:[...]

            X509v3 Basic Constraints: 
                CA:TRUE
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
    Signature Algorithm: sha256WithRSAEncryption
         [...]

Thanks.

Comment 3

[Masatoshi Kimura [:emk]]

(In reply to kromg.kromg from comment #2)
>         Subject: C=IT, ST=XX, O=ZZ, OU=ZZ, CN=*.example.local

Isn't it *.example.com?

Comment 4

[kromg.kromg]

It's *.example.local (It's *.${NAME}.local, actually). Could the .local part be related to the problem? We're currently using an older CA and wildcard certificate with the same CN and it's not giving us problems.

Comment 5

[:Cykesiopka]

Thanks.

The naming information itself looks fine.

Is comment 0 correct in stating you're on Fedora? If so, this is probably a duplicate of Bug 1324096.

----- Assuming this is a duplicate -----
Some workarounds:
1. Create a cert with an appropriate SAN entry.
2. Set the security.pki.name_matching_mode pref to 0. Note that this will affect certs issued by roots actually in the Mozilla root program as well, so remember to flip this back to the default when appropriate.
3. Create a cert with a notBefore prior to 23 August 2016.

Comment 6

[kromg.kromg]

Confirmed: Fedora 25.

Comment 7

[:Cykesiopka]

Thanks for confirming.