This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

New server cert not recognized by firefox

more options

Note: I control the server. The following is noted on the client:

Your connection is not secure

The owner of [myDomain] has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

And yet, an online cert checker states: Congratulations! This certificate is correctly installed.

So, the obvious answer is it's a caching problem. I found 2 cookies from the old domain that I deleted and then cleared the cache. No luck. *Yes, old domain as I now have a new domain. It sees the old cert for the old domain, which I have revoked and deleted with "certbot revoke". Using Letsencrypt on ubuntu 16.04

Thank you in advance for any help!

Note: I control the server. The following is noted on the client: Your connection is not secure The owner of [myDomain] has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. And yet, an online cert checker states: Congratulations! This certificate is correctly installed. So, the obvious answer is it's a caching problem. I found 2 cookies from the old domain that I deleted and then cleared the cache. No luck. *Yes, old domain as I now have a new domain. It sees the old cert for the old domain, which I have revoked and deleted with "certbot revoke". Using Letsencrypt on ubuntu 16.04 Thank you in advance for any help!

Valgt løsning

So how's this for strange and obscure but true solutions? I had an ipv6 DNS record defining the domain IP address as ::1. Deleting that record resolved the certificate problem, I now see the current cert. Thanks for everything!

Les dette svaret i sammenhengen 👍 1

All Replies (7)

more options

I should probably mention that someone else took a look at my page and gets the correct cert, it's just me having the problem.

more options

If you are using the new host name, I don't understand why Firefox would receive a certificate for the old host name. If you try a private window, does that make any difference? A private window bypasses the regular browser cache was well as cookies.

more options

@jscher2000 I also don't understand and that's a great idea! Unfortunately it made no difference. Problem remains even in private window.

more options

Is your cert db in firefox still containing the old cert? was the old or new cert a wildcard or even on a common ip, i.e on a amazon VPS where you push content to the amazon provided IP, however the content resides on a locally managed server?

more options

cert db in firefox... I was thinking there had to be such a thing.... where do I find it? How do I edit it to remove the old cert?

I'm not sure how to answer your question about a common IP. I'm not using Amazon, just a normal VPS provider. No wild cards.

more options

Valgt løsning

So how's this for strange and obscure but true solutions? I had an ipv6 DNS record defining the domain IP address as ::1. Deleting that record resolved the certificate problem, I now see the current cert. Thanks for everything!

more options

Thanks for reporting back. I haven't learned anything about IPv6 DNS records, so definitely would never have thought of that.