Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Natao arisiva ity resaka mitohy ity. Mametraha fanontaniana azafady raha mila fanampiana.

Why does Firefox block secure sites that are trusted by a sub-ca cert if the site uses a non-standard port that isn't included in the SANs?

  • 3 valiny
  • 1 manana an'ity olana ity
  • 10 views
  • Valiny farany nomen'i John

more options

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?
Sarin'efijery napaingotra

Vahaolana nofidina

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!

Hamaky an'ity valiny ity @ sehatra 👍 0

All Replies (3)

more options

sometimes your add on preventing that with a pop up , or else check your FF settings if they are at default!!

it could be even something wrong with the site as well,

more options

I'm finding this question hard to research. I think that means it is supposed to work. If you want to file a bug:

https://bugzilla.mozilla.org/

more options

Vahaolana Nofidina

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!