Firefox accepts the certificate of my website, not of the subdomain
My website is www.santiagoroutes.nl, the subdomain is mobiel.santiagoroutes.nl The certificate is valid for both (see certificate as shown by Firefox in attached picture). The website is marked safe by Firefox, and also by Google Chrome and Microsoft Edge). The subdomain is marked safe by Google Chrome and Microsoft Edge, but Firefox marks it unsafe, and if you click Show commection details and More info you get "Verified: Not specified". Then, if you click View Certificate you see the same certificate you see when you started from the main domain.
What goes wrong?
Modified
Chosen solution
Web Console shows that there is an image loaded via http://:
- Loading mixed (insecure) display content “http://www.cheminscompostelle.eu/favicon.ico” on a secure page
All Replies (7)
What do you mean by the part I bolded here:
wdoyer said
The subdomain is marked safe by Google Chrome and Microsoft Edge, but Firefox marks it unsafe, and if you click Show commection details and More info you get "Verified: Not specified".
Are you getting a red slash on the lock icon?
I don't know where that is coming from. You could try removing any old certificate exception and clearing the web cache. Here's how:
Open the Option/Preferences page using either:
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
- Any system: type or paste about:preferences into the address bar and press Enter/Return to load it
In the tiny search box at the top of the page, type cert and Firefox should filter to the Certificates section. Click the "View Certificates" button to open the Certificate Manager.
There are several different panels here; click Servers to show the server certificate exceptions. If you find one listed for your server, select it and click the Delete... button:
And then to clear the web cache, see: How to clear the Firefox cache (only select the cached web content, do not check the box for cookies).
I am not talking about personal certificates, but about the SSL certificate on the website I made. See the picture I added to my question.
Saying Firefox marks it unsafe I meant an orange triangle with an exclamation mark on the lock icon (as shown in attached picture), and the fact that when I click on the lock icon, I get the message: "Connection not secure"
Modified
wdoyer said
I am not talking about personal certificates, but about the SSL certificate on the website I made. See the picture I added to my question.
Yes, the Servers tab is for any "exceptions" you made to get around a secure connection error in the past. Please check whether there is an old exception you can remove.
Saying Firefox marks it unsafe I ment an oranje triangle with an exclamationmark on the lock icon (as shown in attached picture), and the fact that when I click on the lock icon, I get the message: "Connection not secure"
If you click Connection not secure, is there more detail on the problem? Sometimes, for example, there could be mixed content (http src paths in an https page).
Chosen Solution
Web Console shows that there is an image loaded via http://:
- Loading mixed (insecure) display content “http://www.cheminscompostelle.eu/favicon.ico” on a secure page
cor-el said
Web Console shows that there is an image loaded via http://:
- Loading mixed (insecure) display content “http://www.cheminscompostelle.eu/favicon.ico” on a secure page
Hmm, I didn't notice that because I have security.mixed_content.upgrade_display_content set to true. So many preferences to keep track of...
Yes! That was the last bit of mixed content. I changed it to “https://www.cheminscompostelle.eu/favicon.ico” and now the exclamationmark has gone. Thank you very much!
Wobien
Note that you can leave out the protocol and only leave "//" to make Firefox automatically apply the proper protocol.