Firebase Hosting SSL certificate shows a different domain

Ilj*_*lja 13 dns ssl https firebase firebase-hosting

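I have connected a custom domain to Firebase Hosting; you can see the placeholder website here: https://asimetriq.com

At first glance everything seems fine, but when I look at the SSL certificate details I see unrelated domain details. Is this normal, and if so, why does it happen? If not, is this a bug on Firebase's side?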


Pat*_*zek 12

This is normal, you should go to the "Details" part to see the whole certificate content.

You will see that the certificate has a "Subject Alternative Name" extension, in which you will find many DNS names, including one for your own website. The certificate applies in the same way to all websites in this list. This is done to reduce the number of certificates to handle, specifically for servers hosting multiple websites with different names on the same IPs (if you check you will see that all names below resolve to the same set of IPs).

Your browser accepts it because it sees the content in the extension and it sees your website in it. If not, your browser would have said that the connection is insecure because there is a name mismatch between the website name in the URL and what is inside the certificate.

Certificate content:

Data:
    Version: 3 (0x2)
    Serial Number:
        03:f7:1d:8f:a5:a2:78:84:8e:5b:eb:f3:45:a9:90:2a:ce:5a
Signature Algorithm: sha256WithRSAEncryption
    Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
    Validity
        Not Before: Apr 21 17:14:16 2018 GMT
        Not After : Jul 20 17:14:16 2018 GMT
    Subject: CN=www.blowwhalestudios.uk

...

    X509v3 extensions:

...

        X509v3 Subject Alternative Name:
            DNS:1profiremiralomanorco.xyz, DNS:1profiresanbernardino.xyz, DNS:22q11northernireland.co.uk, DNS:71holiday.com, DNS:99idiomas.com.br, DNS:admin.wikifinance.com.au, DNS:agenda.zipper.com.co, DNS:akshayverma.net, DNS:alexpjames.com, DNS:alfreds.com.br, DNS:app.feedmeapp.ca, DNS:app.getpremises.com, DNS:app.givebadges.com, DNS:app.verhuisplan.be, DNS:asimetriq.com, DNS:auth.skillapp.co, DNS:auxglacesdelanse.ca, DNS:bio.apartments, DNS:calendarbuttonz.com, DNS:cammedar.com, DNS:carlan.didrik.tech, DNS:casheep.xyz, DNS:cats.grankullen.se, DNS:chcsecurity.com, DNS:coinsrage.com, DNS:coopearsa.com, DNS:ddnode.com, DNS:deliriumdesigns.com, DNS:dev.heyleap.com, DNS:dev.mundoemprendedor.org, DNS:ecoema.com.co, DNS:gamenightbuddy.com, DNS:gamestatext.com, DNS:gardenpartyfloristmukwonago.com, DNS:go-beeline.com, DNS:gruposafira.com.br, DNS:handcricketgame.com, DNS:heyleap.com, DNS:hoppy.co.uk, DNS:hyperpost.co, DNS:itsupport.conceptplusllc.net, DNS:manager.artus.io, DNS:markato.studio, DNS:mattmc.co.uk, DNS:mips.haoxp.xyz, DNS:my.valuehome.ca, DNS:openmatics.going2.com.br, DNS:opportunityspace.co, DNS:ozcaynalavalle.com.ar, DNS:parkero.se, DNS:paybacks.rocks, DNS:physio-vd.ch, DNS:pokus.severa.name, DNS:portal.gruposafira.com.br, DNS:q.crawlink.com, DNS:rockpepaine.ro, DNS:safetolk.se, DNS:satin.silkypresets.com, DNS:scorecard.curtisrutland.com, DNS:seaportpuntadeleste.com.uy, DNS:secure.pam3.ru, DNS:sendsms.cc, DNS:shiftfirst.ai, DNS:smuldersbram.bramsmulders.com, DNS:superadmin.qulinaryapp.com, DNS:test.keystone-energy.co.uk, DNS:vot.thundersha.work, DNS:www.1profirecorona.xyz, DNS:www.1profiremiralomanorco.xyz, DNS:www.1profiresanbernardino.xyz, DNS:www.256co.com, DNS:www.auxglacesdelanse.ca, DNS:www.bangkokwomensrun.com, DNS:www.blowwhalestudios.uk, DNS:www.calendarbuttonz.com, DNS:www.coopearsa.com, DNS:www.digitalnauts.com, DNS:www.donadafesta.com.br, DNS:www.dot3digital.com, DNS:www.greenpilates.net, DNS:www.happinessisajourney.com, DNS:www.haxor.com, 
DNS:www.hoppy.co.uk, DNS:www.insulcoat.co.za, DNS:www.juntstrenquembarreres.cat, DNS:www.kakobotasso.com.br, DNS:www.kangsenan.com, DNS:www.letspla.net, DNS:www.mi11er.net, DNS:www.mileageondemand.com, DNS:www.n-studios.tk, DNS:www.narrated.co, DNS:www.physio-vd.ch, DNS:www.sears.ca, DNS:www.shiftfirst.ai, DNS:www.suisse-connect.ch, DNS:www.thinkingandwriting.org, DNS:www.venturehacks.xyz, DNS:www.vivionline.com.br, DNS:www.wizy.vn

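  • You externalized your hosting to a company that handles your certificates. That company can indeed impersonate your website in any way (because as long as your website resolves to their IP addresses, they can use the LE http-01 validation challenge to issue a certificate for your website name); this does not need any DNS hijacking, it is "normal". Other websites gave control to the hosting company in the same way as you did (presumably at least at some point), and they do not have more control than you have ("they" would need the private key associated with the certificate... and the hosting company has it). (2 upvotes)
  • The fact that Firebase Hosting issues such certificates makes me want to move to another provider to host my static website. To a savvy user, such SSL certificates may look untrustworthy. Personally, I would prefer that the "subjectAltName" contain domains related to a single organization. (2 upvotes)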
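
The name check described in the answer, as an added example that is not part of the original thread: it reads the `DNS:` entries from an `openssl x509 -text` style dump and tests a hostname against them, and it goes beyond the page's case by also handling wildcard entries. The excerpt is constructed from two names in the dump above plus a made-up `*.example.net`; all function names are hypothetical.

```python
import re

# Constructed excerpt in the layout of `openssl x509 -text`. The first two
# names appear in the dump above; *.example.net is an added wildcard sample.
CERT_TEXT = """\
    Subject: CN=www.blowwhalestudios.uk
        X509v3 Subject Alternative Name:
            DNS:asimetriq.com, DNS:www.blowwhalestudios.uk,
            DNS:*.example.net
"""

def san_dns_names(cert_text):
    """Return the dNSName entries listed under the SAN extension."""
    lines = cert_text.splitlines()
    for i, line in enumerate(lines):
        if "Subject Alternative Name" in line:
            names = []
            # Entries follow the header and may wrap over several lines.
            for entry_line in lines[i + 1:]:
                found = re.findall(r"DNS:([^,\s]+)", entry_line)
                if not found:
                    break
                names.extend(n.lower() for n in found)
            return names
    return []

def name_matches(pattern, host):
    """RFC 6125 style match: exact, or '*' as the whole left-most label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard never spans more than one label
    if p_labels[0] == "*":
        # Require at least two fixed labels, so "*.com" matches nothing.
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels

def host_covered(cert_text, host):
    """True if any SAN dNSName matches host; the Subject CN is not consulted."""
    return any(name_matches(p, host) for p in san_dns_names(cert_text))

if __name__ == "__main__":
    for h in ("asimetriq.com", "www.asimetriq.com",
              "a.example.net", "a.b.example.net"):
        print(h, host_covered(CERT_TEXT, h))
```
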