We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Why does Firefox block secure sites that are trusted by a sub-ca cert if the site uses a non-standard port that isn't included in the SANs?

  • 3 replies
  • 1 has this problem
  • 1 view
  • Last reply by John

John
John
more options

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?
Attached screenshots

Chosen solution

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!

Read this answer in context 👍 0

All Replies (3)

d3von
d3von
more options

sometimes your add on preventing that with a pop up , or else check your FF settings if they are at default!!

it could be even something wrong with the site as well,

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

I'm finding this question hard to research. I think that means it is supposed to work. If you want to file a bug:

https://bugzilla.mozilla.org/

John
John Question owner
more options

Chosen Solution

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!