Firefox 上通过 https 上的 appengine 上的通配符子域 [英] Wildcard subdomains on appengine over https on firefox
问题描述
当我使用 chrome 访问 https://wild.rileylark.appspot.com 时,我得到漂亮的这很棒"图标.当我使用 firefox 4 时,我收到我的天,你被影响"消息:
When I go to https://wild.rileylark.appspot.com with chrome, I get the nice "this is going great" icon. When I use firefox 4, I get the "omg, you're effed" message:
wild.rileylark.appspot.com 使用安全证书无效.
wild.rileylark.appspot.com uses an invalid security certificate.
该证书仅适用于以下名称: *.appspot.com ,*.*.appspot.com , appspot.com
The certificate is only valid for the following names: *.appspot.com , *.*.appspot.com , appspot.com
- 这正常吗?
- 我可以做些什么来解决这个问题?
推荐答案
所以这里的具体条件是证书上的名字是*.appspot.com
,*.*.appspot.com
出现在证书的主题备用名称字段中.
So the specific condition here is that the name on the certificate is *.appspot.com
, and *.*.appspot.com
appears within the cert's Subject Alternate Names field.
一个被拒绝的 Chrome 错误涵盖了这种情况.在其中,受访者表示 Chrome 故意不支持这一点,指向 Firefox 源代码暗示相同,并断言两者都遵循 IETF 推荐的 实现RFC 2818.
A rejected Chrome bug covers this exact scenario. In it, the respondent indicates that this is deliberately unsupported in Chrome, points to Firefox source code suggesting the same, and asserts that both are following the IETF's recommended implementation of RFC 2818.
这篇关于Firefox 上通过 https 上的 appengine 上的通配符子域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!