DNS Name Matches SAN, but getting SSL_ERROR_BAD_CERT_DOMAIN in Firefox Only
I'm experiencing an issue with Firefox only (Edge and Chrome are fine) with a specific site/certificate and was hoping someone had some advice.
The site in question is github.ourcompany.com, which has a certificate issued with the following:
Subject Common Name: *.github.ourcompany.com
And the following Subject Alt Names: DNS: *.github.ourcompany.com DNS: *.github DNS: github.ourcompany.com DNS: github IP: 10.x.x.x
When I browse to https://github.ourcompany.com, I get a SSL_ERROR_BAD_CERT_DOMAIN message, even though github.ourcompany.com is a valid SAN. I'm wondering if this is to do with validation rules regarding wildcard SANs, or perhaps the order of the SANs. Has anyone seen this before?