Closed Bug 560476 Opened 14 years ago Closed 14 years ago

SSL Certificate is for "*.google.com" but "chart.apis.google.com" is not trusted.

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Version:
3.6 Branch
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 159483

People

(Reporter: holger.schmeken, Unassigned)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3

If you visit the URL then the notification will appear that this connection can not be trusted (ssl_error_bad_cert_domain). The message states that the certificate is valid for "*.google.com" and "google.com". The URL is referencing "chart.apis.google.com" which should be identified as trustworthy. Seems that the pattern matching did not work as expected.

Reproducible: Always

Steps to Reproduce:
1. visit URL


Expected Results:  
Trusted connection without notification.
Version: unspecified → 3.6 Branch
That's normal - the wildcard is only used for 1 level. Firefox used to work differently, but switched to RFC 2818 a while ago.

Bug 159483 mentions that *.*.google.com certificates are used by other Google servers, but they don't work.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.