Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

SSL_ERROR_BAD_CERT_DOMAIN in Firefox 101.0

  • 1 个回答
  • 1 人有此问题
  • 13 次查看
  • 最后回复者为 cor-el

more options

Hello

We use our own CA to secure some websites on the internal network. Until version 101.0, the SSL was working correctly. I have updated today to firefox 101 and all our internal websites started giving SSL_ERROR_BAD_CERT_DOMAIN. There are no issues with external CA issued certificates, so I'm assuming it is something related to the way we generate the certificates. Were there any changes done at version 101 which might reject certificates with a valid common name? Is there a way to disable it and revert to version 100 options?

Thank you

Hello We use our own CA to secure some websites on the internal network. Until version 101.0, the SSL was working correctly. I have updated today to firefox 101 and all our internal websites started giving SSL_ERROR_BAD_CERT_DOMAIN. There are no issues with external CA issued certificates, so I'm assuming it is something related to the way we generate the certificates. Were there any changes done at version 101 which might reject certificates with a valid common name? Is there a way to disable it and revert to version 100 options? Thank you

所有回复 (1)

more options

See Changed in the Firefox 101 release notes.

Removed "subject common name" fallback support from certificate validation. This fallback mode was previously enabled only for manually installed certificates. The CA Browser Forum Baseline Requirements have required the presence of the "subjectAltName" extension since 2012, and use of the subject common name was deprecated in RFC 2818.