Giters

EFForg / https-everywhere

A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections.

Home Page:https://eff.org/https-everywhere

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Bug? SSL_ERROR_BAD_CERT_DOMAIN happening with email links (Firefox)

madb1lly opened this issue · comments

commented

Type: other

Hi all,

Some links from emails have been giving me the "Warning: Potential Security Risk Ahead" page with the error message "SSL_ERROR_BAD_CERT_DOMAIN". I originally thought it was a Firefox problem but tracked it down to the HTTPS Everywhere Addon (https://support.mozilla.org/en-US/questions/1333724).

Some examples of links that I get this message for:
https://click.mail10.smallworldlabs.net/ls/click?upn=4FIN3hZFvI-2BP9iq5nue2vk-2BIMF5sm7TLqXM-2BBHmHs4tQjfdaurWm34ztLj9SPiVE4gseyCl-2FaqSWT59ygV9BpAcDzFkriqc5NC2qBiwl5aOaxL8F5mgo-2BFX-2Fgbi7iwZeFhIlJVBY5pUPWQy6owSYMskwXWDY7Y1aaoMS-2BkHbmCPTNSg29Z4JoYD7fjx9bZW5b2-2Fg5dX2SSuZS5csOf3H6IGmB8UNGulRns8j4EzznpinCvgJxocujRrlszMnMzDFaGlZcc-2BWOcJNASuRsaEH6HcXAoqMnLhDAoAdn0UChLWOY-2FfbP2Ib-2FUEDr6NloUbD-2FnHqHVVYd821nihjMp740-2F5x7GMXZmwRiFR7H2o2PqTC4rmR-2BSqxJ-2BuAl15SvxjWYbO9ClP8PSHw5pY80IikJqK10tVO8wFNKUY0vnffi80-3DW8m3_a4b-2FpboTDHPk-2BrdoYKQMvkNzRfSbL-2BRxE8OVpRrBC237mTF3qcpluLuTnfAWEU7fFwhhtOg-2BbDd1pxD5bmCpb3y8948sPEH5oTF-2Fsg1k82R-2Be5SnCvGNogmdD1MB5K11JV0Ow8rxc63etMs7M6GZzfslGWbxLHW9hydaH2RME5RPXqcBAsIRau-2FizQsq15rW5BclijLm23gWXw-2BvlJjO8gxiJ-2BQwpw2wvKihYGT4DKxPTObnz-2Fpn1ua2ng0ah-2BN1xDub-2Bav5GSEDaq4OPiG8JUArfSPtya-2ByoEn6CzLpZaqsLJ5rbTCztuAV25pOmNhojUORS-2Fnyv8FFlz-2Fh4EX6xolAvA1UgOdaXT3xescKfmROnAvFsYyB88QxIKBXi1-2Br

Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for click.mail10.smallworldlabs.net. The certificate is only valid for the following names: *.sendgrid.net, sendgrid.net

Error code: SSL_ERROR_BAD_CERT_DOMAIN

https://click.topgear.bbc.com/?qs=c719f0befb99016fe4d64e88dc7ec435f7eee7452916295aaa562fc47d530c91af5900c5d298ac67019e3560abca9b8eab0be3a91e8e632f

Firefox does not trust this site because it uses a certificate that is not valid for click.topgear.bbc.com. The certificate is only valid for origin-click.s6.exacttarget.com.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

If I disable HTTPS Everywhere then I don't get the error message and the links work correctly.

Cheers 🙂