Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

Learn More

Ce sujet de discussion a été archivé. Veuillez poser une nouvelle question si vous avez besoin d’aide.

Revoked old certificate and Firefox thinks the new certificate is revoked

  • 2 réponses
  • 1 a ce problème
  • 1 vue
  • Dernière réponse par dpbaker57

dpbaker57
dpbaker57
more options

I have a site where the old certificate was about to expire. I installed a new one and revoked the previous certificate. Now Firefox and only Firefox is reporting the new certificate as expired. Safari, Edge, IE, and Chrome are all seeing the new certificate as valid. Anyone have a clue as how to fix this?

I have a site where the old certificate was about to expire. I installed a new one and revoked the previous certificate. Now Firefox and only Firefox is reporting the new certificate as expired. Safari, Edge, IE, and Chrome are all seeing the new certificate as valid. Anyone have a clue as how to fix this?

Toutes les réponses (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Firefox still uses OCSP, unlike some other browsers.

Could you double-check using: https://www.ssllabs.com/ssltest/

If you think Firefox may have cached the old certificate and that is preventing it from seeing the new one, and that persists after a normal browser restart, you could consider removing the cert9.db file as mentioned in this article: What do the security warning codes mean?

dpbaker57
dpbaker57 Auteur de la question
more options

From more research it appears Firefox still is using the CRL file. My CA seems to have screwed up and put the new certificate's serial number in the CRL file. I am installing a new certificate.