STR: 1) Open https://portal.nav-it.ru/ 2) Firefox Nightly displays "SEC_ERROR_REVOKED_CERTIFICATE" error page. https://www.ssllabs.com/ssltest/analyze.html?d=portal.nav-it.ru shows that Revocation status is Good (not revoked) IE and Google Chrome work fine with this site.
StartCom certificates have been revoked from Firefox: https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/ Chrome and Apple dit the same: https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html https://support.apple.com/en-us/HT204132 The website needs to use a different vendor, like Let's Encrypt: https://letsencrypt.org/
I can reproduce in Windows and today´s nightly. Mozilla/5.0 (Windows NT 6.1; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0
Status: UNCONFIRMED → NEW
Ever confirmed: true
Component: Security → Desktop
Product: Firefox → Tech Evangelism
Summary: Connection to https://portal.nav-it.ru/ fails with "SEC_ERROR_REVOKED_CERTIFICATE" code → portal.nav-it.ru uses revoked certificate from StartCom
Version: unspecified → Firefox 51
I sent an email to email@example.com explaining the details of this bug. Switching to sitewait.
Assignee: nobody → astevenson
Status: NEW → ASSIGNED
This appears to have been fixed as I am showing a Let's Encrypt cert for the site.
Yes, they swicthed to Let's Encrypt.
Status: ASSIGNED → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.