Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Ovo će web mjesto raditi na ograničen način, dok obavljamo održavanje stranice. Ako neki članak ne riješi tvoj problem i ako želiš postaviti pitanje, naša zajednica za podršku spremna je pomoći na Twitteru @FirefoxSupport i na Redditu /r/firefox.

Avatar for Username

Pretraži podršku

Izbjegni prevare podrške. Nikad te nećemo tražiti da nas nazoveš, da nam pošalješ telefonski broj ili da podijeliš osobne podatke. Prijavi sumnjive radnje pomoću opcije „Prijavi zlouporabu”.

Saznaj više

Ova tema je arhivirana. Postavi novo pitanje ako trebaš pomoć.

Valid certifcate, but "ssl_error_bad_cert_domain"

knobi@knobisoft.de
knobi@knobisoft.de
more options

I have a SSL web-server xxx.yyy with a valid certificate that is signed by a CA known to Firefox.

When I access "https://xxx.yyy" everything is fine. When I access "https://xxx.yyy/some_page", I get the "This Connection is Untrusted" dialog, which tells me:

Technical Details xxx.yyy uses an invalid security certificate. The certificate is only valid for @subject_cn@ (Error code: ssl_error_bad_cert_domain) 

When I then try to add an exception, after some seconds it tells me: "Valid certificate: This site provides valid, certified identification. There is no need to add an exception".  And the "Confirm Security Exception" button stays greyed out.

Now I am stuck .... :-(

Thanks in advance

I have a SSL web-server xxx.yyy with a valid certificate that is signed by a CA known to Firefox. When I access "https://xxx.yyy" everything is fine. When I access "https://xxx.yyy/some_page", I get the "This Connection is Untrusted" dialog, which tells me: ##### Technical Details xxx.yyy uses an invalid security certificate. The certificate is only valid for @subject_cn@ (Error code: ssl_error_bad_cert_domain) ##### When I then try to add an exception, after some seconds it tells me: "Valid certificate: This site provides valid, certified identification. There is no need to add an exception". And the "Confirm Security Exception" button stays greyed out. Now I am stuck .... :-( Thanks in advance

Svi odgovori (4)

knobi@knobisoft.de
knobi@knobisoft.de Vlasnik pitanja
more options

I am suspecting the "@subject_cn@" wants to tell me something. Why doesn't it show the CN of the certificate (xxx.yyy)?

Just some more info: the SSL server is on a different network, behind a Socks5 proxy (firefox) configured to do DNS lookups. Maybe this is related...

knobi@knobisoft.de
knobi@knobisoft.de Vlasnik pitanja
more options

Some more info. The proxy configuration is not the problem. It might be that the certificate has a problem after all.

When inspecting the certificate with openssl, it shows;

> X509v3 Subject Alternative Name: > DNS:@subject_cn@, email:user@zzz.yyy 

Is that a syntax recognized by firefox? Is that valid at all?
AnonymousUser
AnonymousUser
more options

cookies should be enabled in your browser for CAPTCHA validation. how do I enable this to allow these cookies from this site for registration.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Barbara,

See Enhanced Tracking Protection in Firefox for desktop