Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Bruce Keats
Hi, I started using firefox 3 and I am now getting errors connecting to intra-net sites that were OK in firefox 2. We have our own intra-net and we have a CA that issues server certs and user certs. I have loaded the CA certs and the CA certs are visible under Authorities tab

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Robert Relyea
Bruce Keats wrote: Hi, I started using firefox 3 and I am now getting errors connecting to intra-net sites that were OK in firefox 2. We have our own intra-net and we have a CA that issues server certs and user certs. I have loaded the CA certs and the CA certs are visible under

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Nelson B Bolyard
Bruce Keats wrote, On 2008-07-02 12:35: I started using firefox 3 and I am now getting errors connecting to intra-net sites that were OK in firefox 2. I don't recall any changes in that area between FF2 and FF3. We discussed making some changes, but didn't actually make them because we

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Bruce Keats
Thanks for the help. That answers a lot of questions, but raises some more. On Wed, Jul 2, 2008 at 5:01 PM, Nelson B Bolyard [EMAIL PROTECTED] wrote: That error means one thing: the name(s) in the cert do not match the name (or IP address) of the server given in the URL. Nothing you can

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Nelson Bolyard
Robert Relyea wrote, On 2008-07-02 14:03: Bruce Keats wrote: Hi, I started using firefox 3 and I am now getting errors connecting to intra-net sites that were OK in firefox 2. We have our own intra-net and we have a CA that issues server certs and user certs. I have loaded the CA

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Frank Hecker
Bruce Keats wrote: Don't forget that if you have host names in the Subject Alternative Name extension, then ALL the names in the cert belong there, not all-but-one. But This is no different than it was in FF2. I don't think I fully understand the ALL the names in this context.

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Kaspar Brand
Nelson B Bolyard wrote: Firefox is trying to match the host name portion of the URL (which may have been an IP address) with the appropriate portion of the cert, according to RFC 2822. s/RFC 2822/RFC 2818/g, just in case somebody is desperately trying to find the relevant text in the RFC (2822

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-02 Thread Nelson B Bolyard
Kaspar Brand wrote, On 2008-07-02 21:47: Nelson B Bolyard wrote: Firefox is trying to match the host name portion of the URL (which may have been an IP address) with the appropriate portion of the cert, according to RFC 2822. s/RFC 2822/RFC 2818/g, just in case somebody is desperately