Firebase Auth - customized redirect domain prompts NET::ERR_CERT_COMMON_NAME_INVALID warning
Because auth.mydomain.com
points to my-app-12345.firebaseapp.com
via CNAME record, host of firebaseapp.com
should provision SSL certificate for auth.mydomain.com
. It has to be done in Firebase Hosting page even if my-app-12345
is not using Firebase Hosting. Here is step-by-step method for doing that based on Firebase's documentation:
- In Firebase project
my-app-12345
's console, click Hosting on the side menu. - When Set up hosting pop-up appears, click Continue. Then click Finish.
- In Hosting page, click Connect domain.
- When Connect domain pop-up appears, enter
auth.mydomain.com
. Then click 'Redirectauth.mydomain.com
to an existing website' checkbox. Then entermy-app-12345.firebaseapp.com
. Then click Continue. - When 'Add the TXT records below to your DNS provider to verify you own
mydomain.com
' pop-up appears, follow the instruction. And click Verify. (Verifying may take some minutes). Then click Finish.
Now auth.mydomain.com
will be appeared in domain section with Pending
status. It will soon be changed to Connected
. And after some time, the NET::ERR_CERT_COMMON_NAME_INVALID
warning issue will be gone.
P.S. With help of Firebase technical support team, I have got the answer to my own question.
just to clarify, as of Jan 6th 2020, the method above (using 'Redirect' within Firebase Hosting) doesn't work anymore.
Following something written in https://levelup.gitconnected.com/how-to-connect-a-domain-to-your-firebase-project-cd47373bad79 - we can see for Authentication, we need to use "Custom Domains" and not "Redirect"
This is because if redirection is used, the SSL signed between the exit and entry points of the custom domain and Google's authentication servers will fail the handshake.
In other words:
If you are setting it up for the first time:
In Firebase project my-app-12345's console, click Hosting on the side menu.
When Set up hosting pop-up appears, click Continue. Then click Finish.
In Hosting page, click Connect domain.
When Connect domain pop-up appears, enter auth.mydomain.com. Then do not tick 'Redirect auth.mydomain.com to an existing website' checkbox. Then enter my-app-12345.firebaseapp.com. Then click Continue.
If you've already setup a Redirect domain, and you cannot get it to work - you can simply edit the entry, and change to a "Custom" type.
Wait 10 ~ 30 minutes once that has changed to have this function properly.