본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Firefox regards StartCom SSL connections as "Untrusted"

  • 5 답장
  • 49 이 문제를 만남
  • 1 보기
  • 최종 답변자: cbrandle

more options

StartCom is an SSL certificate authority which issues free class1 SSL certificates for websites. I have installed their SSL certificates on a few websites and each of them when accessed in firefox, presents an error entitled, "This Connection is Untrusted." Having tried to access the websites in all other popular browsers, including: IE 8.0, IE 9.0RC, Safari, Opera and Google Chrome, I have had no issues and the websites' SSl pages were displayed in these browsers without any issues.

StartCom is an SSL certificate authority which issues free class1 SSL certificates for websites. I have installed their SSL certificates on a few websites and each of them when accessed in firefox, presents an error entitled, "This Connection is Untrusted." Having tried to access the websites in all other popular browsers, including: IE 8.0, IE 9.0RC, Safari, Opera and Google Chrome, I have had no issues and the websites' SSl pages were displayed in these browsers without any issues.

모든 댓글 (5)

more options

Firefox has the StartCom root certificate.

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates

Are you sending all required intermediate certificates?

more options

Many thanks cor-el for your reply, I have checked the site URL using the link you posted above. All seems fine but firefox still displays the same "untrusted" message.

The answer to your question is yes. I have downloaded all relevant intermediate certificates and uploaded them in one single bundle. Firefox still doesn't like it.

The site's URL is: www.saversquare.com

글쓴이 marxam 수정일시

more options

No problems here with that website.
I've seen such issues before and it helps in such cases if you remove the stored intermediate certificates that are used by that connection, in this case the "GeoTrust DV SSL CA".

Stored intermediate certificates show as "Software Security Device" in the Security Device column in the Certificate Manager.

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates
more options

You see no problem now because after trying everything I possibly could with the StartSSL certificates, I ditched the idea of a free cert and opted for a new GeoTrust certificate, got it in a couple of hours and I had the site up and running in all browsers in no time.

There are other sites I am managing that use startssl where the problem still persists.

Here's a link to another example: [CAUTION: CONTENT WARNING]

https://www.itickle.co.uk/

글쓴이 marxam 수정일시

more options

You have a problem with implementing the StartSSL keys on your server. To test use this command: echo GET | openssl s_client -connect www.itickle.co.uk:443 -state -showcerts

Basically it says you have imported the wrong StartSSL root public key on your server.