I've searched through https://developer.mozilla.org/en-US/ and Google and still cannot learn exactly why Firefox would display it's "This Connection is Untrusted" screen/UI with "(Error code: ssl_error_bad_cert_domain)" under "Technical Details".
Is it really as simple as "The SSL certificate common name does not match the fully qualified domain name (FQDN) of the webserver/website." ?
If so, then why wouldn't an SSL certificate with the common name "*.subdomain.mydomain.tld" work with the website " https://subdomain.mydomain.tld " and throw this specific error?
If so, then why wouldn't an SSL certificate with the common name "*.subdomain.mydomain.tld" work with the website " https://subdomain.mydomain.tld " and throw this specific error?
A wildcard stands for a single label and not for nothing. That means *.subdomain.example.com
does not match subdomain.example.com
but it will match foo.subdomain.example.com
. To match subdomain.example.com
too the certificate has to include both *.subdomain.example.com
and also subdomain.example.com
as subject alternative names. Note that *.example.com
would also match subdomain.example.com
but not foo.subdomain.example.com
.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.