kvic-z
commented
3 years ago Acknowledged.
I'm a little surprised it took us this long to realise the issue. Apparently in the spec of domains, ".com" is the equivalent of ".co.uk" as a whole. Hence, we can't aggressively reduce it down to .co.uk just like we can't do .com.
The Certificate creation for "double name" TLD's is not working at all. Test it with bad-address.co.uk or bad-address.co.za
All this "double name" TLD's are not able to generate a valid certificate. The Cert issuer is either '
*.co.uk' or '*.co.za' which will rejected as valid from the browser.I already send a mail with screenshots to Steven.