First, let me introduce myself, I'm a famous investor of ccTLD domains from China.
Recently we get an easy-remember domain www.sb, please note the extension is .sb I ordered a Comodo Positive SSL for this domain, the common name which I submit is www.sb Usually they will give us a certificate for www.sb and www.www.sb, but this time Comodo issues a certificate with DNS name www.sb and sb I can't find our certificate in crt.sh but can be viewed here https://censys.io/certificates/719c282a51e935051e88bf6115dda0731da21c0e12c08e6bcea36078e83e4966 Or you can simply type https://www.sb/ in your browser to view the certificate https://www.sb/uploads/images/201609/24/181/n9k4qfbVYj.png I also tried to make an nginx conf in my server for https://sb/ you can change your /etc/hosts or just use curl commmand curl -v -H "Host: sb" https://www.sb/ You can find 403 Forbidden in title without any SSL certificate error because I set the return status for https://sb/ to 403 Sorry for my bad English Best Regards, @Showfom _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy