Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Why does Firefox block secure sites that are trusted by a sub-ca cert if the site uses a non-standard port that isn't included in the SANs?

  • 3 uphendule
  • 1 inale nkinga
  • 1 view
  • Igcine ukuphendulwa ngu John

more options

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?

Navigating to an HTTPS site (ex. https://consul.service.consul) works fine with my imported sub-ca cert as it includes consul.service.consul as a SAN. If I change the port the site is served from to something non-standard however, the site comes back as not trusted (ex. https://consul.service.consul:8501). Is this expected behavior to have to include port numbers in a SAN listing for certificates, or is this a bug potentially?
Ama-screenshot ananyekiwe

Isisombululo esikhethiwe

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 0

All Replies (3)

more options

sometimes your add on preventing that with a pop up , or else check your FF settings if they are at default!!

it could be even something wrong with the site as well,

more options

I'm finding this question hard to research. I think that means it is supposed to work. If you want to file a bug:

https://bugzilla.mozilla.org/

more options

Isisombululo Esikhethiwe

It appears that this issue was resolved in the latest releases. Not sure what was done, but I'm glad it's fixed never-the-less. Thanks for the responses all!