On Tue, May 27, 2014 at 08:23:36PM -0700, Dan Bryan wrote: > Hey all, > > I noticed some odd behavior in firefox and i was curious if anyone else had > this same behavior. I am using Apache with a single public IP, i am using the > named hosts option and a browser that supports "Server Name Indication" in > order to run multiple SSL sites. My default website is > "https://www.cryptosec.net"; and my 2nd named host is > "https://revoked.cryptosec.net";. When i load "https://revoked.cryptosec.net"; > in IE, or Chrome, it successfully detects the revoked status. However, if i > load it in firefox, it warns of a "Certificate mismatch" and display the > certificate for "https://www.cryptosec.net"; which is the default(fallback) > Named virtual host. It seems to me that firefox falls back to the default > named host instead of warning of revoked certificate status in this one use > case. Can anyone else confirm these results?
I guess that you figured this out already based on the other mail you send? Kurt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
