Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo
Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.
Argivearre

Valid certifcate, but "ssl_error_bad_cert_domain"

knobi@knobisoft.de beäntwurde
knobi@knobisoft.de

I have a SSL web-server xxx.yyy with a valid certificate that is signed by a CA known to Firefox.

When I access "https://xxx.yyy" everything is fine. When I access "https://xxx.yyy/some_page", I get the "This Connection is Untrusted" dialog, which tells me:

Technical Details xxx.yyy uses an invalid security certificate. The certificate is only valid for @subject_cn@ (Error code: ssl_error_bad_cert_domain)

When I then try to add an exception, after some seconds it tells me: "Valid certificate: This site provides valid, certified identification. There is no need to add an exception".  And the "Confirm Security Exception" button stays greyed out.
Now I am stuck .... :-(

Thanks in advance

I have a SSL web-server xxx.yyy with a valid certificate that is signed by a CA known to Firefox. When I access "https://xxx.yyy" everything is fine. When I access "https://xxx.yyy/some_page", I get the "This Connection is Untrusted" dialog, which tells me: ##### Technical Details xxx.yyy uses an invalid security certificate. The certificate is only valid for @subject_cn@ (Error code: ssl_error_bad_cert_domain) ##### When I then try to add an exception, after some seconds it tells me: "Valid certificate: This site provides valid, certified identification. There is no need to add an exception". And the "Confirm Security Exception" button stays greyed out. Now I am stuck .... :-( Thanks in advance

Alle antwurden (4)

I am suspecting the "@subject_cn@" wants to tell me something. Why doesn't it show the CN of the certificate (xxx.yyy)?

Just some more info: the SSL server is on a different network, behind a Socks5 proxy (firefox) configured to do DNS lookups. Maybe this is related...

Some more info. The proxy configuration is not the problem. It might be that the certificate has a problem after all.

When inspecting the certificate with openssl, it shows;

> X509v3 Subject Alternative Name: > DNS:@subject_cn@, email:user@zzz.yyy

Is that a syntax recognized by firefox? Is that valid at all?

cookies should be enabled in your browser for CAPTCHA validation. how do I enable this to allow these cookies from this site for registration.