Closed Bug 508513 Opened 16 years ago Closed 16 years ago

SSL certificate WILDCARDS not working properly on 3.0.13 (in 3.0.12 and previous versions, the certificate was OK). (ssl_error_bad_cert_domain)

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: bluehumor, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; es-ES; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; es-ES; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13 When upgraded from 3.0.12 to 3.013 a SSL certificate containing: *.domainname.com is no longer accepted for browser, with error: (Error code: ssl_error_bad_cert_domain) It happens when you query for a subdomain URL like: sub1.sub2.sub3.domainname.com Reproducible: Always Steps to Reproduce: 1. Look for a ssl certificate with wilcards(*.domainname.com ) 2. Query for a subdomain URL like: sub1.sub2.sub3.domainname.com Actual Results: Certificate refused (Error code: ssl_error_bad_cert_domain) Expected Results: Accept certificate (as in previous versions)
Bug 159483 was fixed in Firefox 3.0.13 as well apparently. The new behavior is actually according to spec (RFC2818) and consistent across browsers - see bug 501862 comment 1 for a more detailed explanation.
This was new in Firefox 3.5. It was ported to 3.0.13 too, as a result of this of this bug : http://www.mozilla.org/security/announce/2009/mfsa2009-42.html That bug depends on bug 500495 "Upgrade Firefox 3.0.x to NSS version used by Firefox 3.5.1 (NSS 3.12.3.1)". Note that the behavior is now the same as Internet Explorer, and according to the RFC.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.