Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does Firefox block secure sites that are trusted by a sub-ca cert if the site uses a non-standard port that isn't included in the SANs?

  • 3 replies
  • 1 has this problem
  • 1 view
  • Last reply by John

more options

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?
Attached screenshots

Chosen solution

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!

Read this answer in context 👍 0

All Replies (3)

more options

sometimes your add on preventing that with a pop up , or else check your FF settings if they are at default!!

it could be even something wrong with the site as well,

more options

I'm finding this question hard to research. I think that means it is supposed to work. If you want to file a bug:

https://bugzilla.mozilla.org/

more options

Chosen Solution

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!