Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

ssl validity question

  • 3 답장
  • 2 이 문제를 만남
  • 3 보기
  • 최종 답변자: cor-el

more options

Wondering where the status of valid ssl's from StartCom stands and certs issued before October 2016? Will they still be valid via search engines in 2017? Thanks for the help....trying to figure out if I need to purchase a new SSL even though my ssl was purchased before the issue date with WoSign and its purchase of StartCom (where I have my current ssl cert)

Wondering where the status of valid ssl's from StartCom stands and certs issued before October 2016? Will they still be valid via search engines in 2017? Thanks for the help....trying to figure out if I need to purchase a new SSL even though my ssl was purchased before the issue date with WoSign and its purchase of StartCom (where I have my current ssl cert)

모든 댓글 (3)

more options

There is some information here:

Bug 1309707 - Distrust new certs chaining up to current WoSign/StartCom roots
Bug 1311824 - WoSign Action Items
Bug 1311832 - StartCom Action Items

Please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html

more options

I have been using:

StartCom Class 1 DV Server CA

for a few years, suddenly on FFox 51.0.1/64 i started getting:

SEC_ERROR_REVOKED_CERTIFICATE

It does work fine on FFox 45 ESR ( debian ) series...

I checked also a win10 system with the latest FFox build, same cert issue. Other browzerz, such as Chrome, are not reporting any issues.

I went to ssllabs.com to check the cert, and I got an "A".

I am not looking for workarounds, but for an explanation why Startcom is being rejected ( unless it is a bug ).

Thanks!

Mike


EDIT:

I would also like to mention, that the cert was issued on Dec 11 2016 and expires in 2019

글쓴이 paziu 수정일시

more options

It has nothing to with with this specific certificate, but this is a problem with the CA that has issued the certificate. The CA has violated the policies that Mozilla enforces to built-in root certificates and Mozilla has taken the decision to distrust involved root certificates from this CA and thus all certificates that chain to this root certificate will give an untrusted error message. Unfortunately websites that have affected certificates will have to get a new certificate. It is likely that other browsers will follow.

  • bug 1309707 - Distrust new certs chaining up to current WoSign/StartCom roots

Please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html