Closed
Bug 1555907
Opened 5 years ago
Closed 5 years ago
Certificate subject alternative name case sensitive
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: janpieter.sollie, Unassigned)
Details
Attachments
(2 files)
firefox screenshot of SSL error
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0
Steps to reproduce:
- Create openSSL certificate request
- Sign the certificate request on local CA, which is deployed in microsoft AD
- Install the certificate on the QNAP NAS
- browse to the NAS configuration page
Actual results:
SSL error SSL_ERROR_BAD_CERT_DOMAIN while the local domain name is in the subject alternative names list:
- https://hostname/ does not work
- https://hostname.localdomain.local/ works
- https://IP/ does not work
This issue only happens on Firefox, Chrome, Edge and IE do not make any issue of this
Expected results:
Certificate validated
|
||
Comment 1•5 years ago
|
||
hi, could you provide a copy of the certificate that's failing to verify?
Component: Untriaged → Security: PSM
Product: Firefox → Core
|
|
||
Comment 3•5 years ago
|
||
thanks, it may the same issue & solution as in https://bugzilla.mozilla.org/show_bug.cgi?id=1542719#c1
Yes indeed. You are right, changing DNS.1 to IP.1 solved the issue. No bug at all (In meantime, I read something about the RFC for SSL certificates which says the DNS name should be the full DN, not the hostname, so...)
This is not a bug, sorry
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•