Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

ssl validity question

  • 3 réponses
  • 2 ont ce problème
  • 3 vues
  • Dernière réponse par cor-el

more options

Wondering where the status of valid ssl's from StartCom stands and certs issued before October 2016? Will they still be valid via search engines in 2017? Thanks for the help....trying to figure out if I need to purchase a new SSL even though my ssl was purchased before the issue date with WoSign and its purchase of StartCom (where I have my current ssl cert)

Wondering where the status of valid ssl's from StartCom stands and certs issued before October 2016? Will they still be valid via search engines in 2017? Thanks for the help....trying to figure out if I need to purchase a new SSL even though my ssl was purchased before the issue date with WoSign and its purchase of StartCom (where I have my current ssl cert)

Toutes les réponses (3)

more options

There is some information here:

Bug 1309707 - Distrust new certs chaining up to current WoSign/StartCom roots
Bug 1311824 - WoSign Action Items
Bug 1311832 - StartCom Action Items

Please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html

more options

I have been using:

StartCom Class 1 DV Server CA

for a few years, suddenly on FFox 51.0.1/64 i started getting:

SEC_ERROR_REVOKED_CERTIFICATE

It does work fine on FFox 45 ESR ( debian ) series...

I checked also a win10 system with the latest FFox build, same cert issue. Other browzerz, such as Chrome, are not reporting any issues.

I went to ssllabs.com to check the cert, and I got an "A".

I am not looking for workarounds, but for an explanation why Startcom is being rejected ( unless it is a bug ).

Thanks!

Mike


EDIT:

I would also like to mention, that the cert was issued on Dec 11 2016 and expires in 2019

Modifié le par paziu

more options

It has nothing to with with this specific certificate, but this is a problem with the CA that has issued the certificate. The CA has violated the policies that Mozilla enforces to built-in root certificates and Mozilla has taken the decision to distrust involved root certificates from this CA and thus all certificates that chain to this root certificate will give an untrusted error message. Unfortunately websites that have affected certificates will have to get a new certificate. It is likely that other browsers will follow.

  • bug 1309707 - Distrust new certs chaining up to current WoSign/StartCom roots

Please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html