i cannot open the website of my school, i get SEC_ERROR_REVOKED_CERTIFICATE
since firefox upgraded to 51 (this morning) i am not able to open my school's site i get the answer SEC_ERROR_REVOKED_CERTIFICATE; telling the certificate was peer's. until they correct the certification isn't there a way to bypass the blocking of the site, that i trust, and i need to work in ? thanks to all
Isisombulu esikhethiweyo
It is a StartCom certificate and thus affected by the security issue posted above.
- Issuer StartCom Class 2 IV Server CA
Distrusting New WoSign and StartCom Certificates Mozilla has discovered that a Certificate Authority (CA) called WoSign has had a number of technical and management failures. Most seriously, we discovered they were backdating SSL certificates in order to get around the deadline that CAs stop issuing SHA-1 SSL certificates by January 1, 2016. Additionally, Mozilla discovered that WoSign had acquired full ownership of another CA called StartCom and failed to disclose this, as required by Mozilla policy. The representatives of WoSign and StartCom denied and continued to deny both of these allegations until sufficient data was collected to demonstrate that both allegations were correct. The levels of deception demonstrated by representatives of the combined company have led to Mozilla’s decision to distrust future certificates chaining up to the currently-included WoSign and StartCom root certificates. This change will go into the Firefox 51 release train.
You can contact the website and point them to the article:
You can consider to use the Firefox 45.7.0 ESR version that doesn't have this fix yet if you are willing to take the risk.
- https://www.mozilla.org/en-US/firefox/organizations/all/
- https://www.mozilla.org/en-US/firefox/organizations/notes/
- https://www.mozilla.org/en-US/firefox/organizations/system-requirements/
All Replies (10)
Browsers look at a website's certificates so that your information remains safe when it connects you to that website. Recently, an issue has been discovered with two types of certificates: WoSign and StartCom. Websites that use these certificates will no longer work with major browsers, including Firefox. This is to ensure your information doesn't get stolen when you visit these websites.
For more information, see Distrusting New WoSign and StartCom Certificates.
in my case the error message is Peer’s Certificate has been revoked. Error code: SEC_ERROR_REVOKED_CERTIFICATE
I understand your answer but is there for me a way to bypass, since in that case there is no risk, who will stole or pirate a math course ?
depending on the site it may be possible to access it through a http url. please note that other browsers like google chrome are also revoking trust in these root CAs so it's ultimately the task of your school to rectify the situation.
if i understand in place of https: i try http:
it did not work anything else ?
Just to be sure, try to create a new profile to test if your current profile is causing the problem.
See "Creating a profile":
- https://support.mozilla.org/kb/profile-manager-create-and-remove-firefox-profiles
- http://kb.mozillazine.org/Standard_diagnostic_-_Firefox#Profile_issues
If the new profile works then you can transfer files from a previously used profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over problems.
thanks for your help but even with the new profile it did not work let me add that on a computer where i did not upgrade firefox to 51 it works and on a third one (windows old) that upgraded itself it does not work
Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?
You can check the server via this website:
i checked and if you send me a direction i'll send you the results at a first look (and taking in account that i do not know much) the testing seems positive
about the site it is under authentication except the first page https://campus.groupe-efrei.fr/
thanks for your help
Isisombululo esiKhethiweyo
It is a StartCom certificate and thus affected by the security issue posted above.
- Issuer StartCom Class 2 IV Server CA
Distrusting New WoSign and StartCom Certificates Mozilla has discovered that a Certificate Authority (CA) called WoSign has had a number of technical and management failures. Most seriously, we discovered they were backdating SSL certificates in order to get around the deadline that CAs stop issuing SHA-1 SSL certificates by January 1, 2016. Additionally, Mozilla discovered that WoSign had acquired full ownership of another CA called StartCom and failed to disclose this, as required by Mozilla policy. The representatives of WoSign and StartCom denied and continued to deny both of these allegations until sufficient data was collected to demonstrate that both allegations were correct. The levels of deception demonstrated by representatives of the combined company have led to Mozilla’s decision to distrust future certificates chaining up to the currently-included WoSign and StartCom root certificates. This change will go into the Firefox 51 release train.
You can contact the website and point them to the article:
You can consider to use the Firefox 45.7.0 ESR version that doesn't have this fix yet if you are willing to take the risk.
let's say it is on the way to be solved it depends now on the website many thanks to all of you Patrick Teller