This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSL_ERROR_BAD_CERT_DOMAIN on signed cert by installed CA

  • 1 reply
  • 3 have this problem
  • 3 views
  • Last reply by cor-el

more options

I've installed a custom CA certificate and made sure the trust was updated and added the certificate to Apache.

For some reason Firefox doesn't want to accept it, even after I added the name of the domain directly in the alt_names without a wildcard (Hence the "imesa.alpha.kira" as the last record, which is a test)

This works in Chrome without any issues, and used to work in Linux Mint 18.3 without issues (So older version of Firefox about a year ago).

I've attached some screenshots to what I'm doing, this is all on a local server, but added ########### to location info in the cert config, this isn't normally part of it.

Adding the imesa.alpha.kira domain to the common name does work, but I need multiple domains to work.

I'm at a loss as to what could be causing this at this point. Any help is appreciated.

I've installed a custom CA certificate and made sure the trust was updated and added the certificate to Apache. For some reason Firefox doesn't want to accept it, even after I added the name of the domain directly in the alt_names without a wildcard (Hence the "imesa.alpha.kira" as the last record, which is a test) This works in Chrome without any issues, and used to work in Linux Mint 18.3 without issues (So older version of Firefox about a year ago). I've attached some screenshots to what I'm doing, this is all on a local server, but added ########### to location info in the cert config, this isn't normally part of it. Adding the imesa.alpha.kira domain to the common name does work, but I need multiple domains to work. I'm at a loss as to what could be causing this at this point. Any help is appreciated.
Attached screenshots

All Replies (1)

more options