I have a secure connection failed error, but the SSL Certificate is current and valid. This is a Firefox browser issue as the site is secure on other browsers.
When user goes to www.hsmammuntion.com they get the error below. This site comes up in all other browsers except Firefox. The SSL Certificate has been checked and verified at: https://www.sslshopper.com/ssl-checker.html?hostname=hsmammunition.com How do we resolve this issue?
"Secure Connection Failed
An error occurred during a connection to hsmammunition.com. Peer’s Certificate has been revoked. Error code: SEC_ERROR_REVOKED_CERTIFICATE
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
Report errors like this to help Mozilla identify and block malicious sites"
Additional System Details
- User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/61.0
When I run the website through SSLLabs, it says the certificate has been revoked. https://www.ssllabs.com/ssltest/analyze.html?d=www.hsmammunition.com&latest
Are you the website owner?
I help support the website. We checked the site on SSL Checker (https://www.sslshopper.com/ssl-checker.html) and it shows fine. All other browsers are showing the site secure except Firefiox.
I'd trust SSLLabs's report. Please followup with Godaddy (looks like they are your certificate issuer) to figure out why it's revoked.
You've got some other serious security issues with that site anyway
I'm on the phone with GoDaddy and they are saying the SSL is fine. I've asked them to check again.
Tell them SSLlabs is reporting a revocation
This has happened to some other GoDaddy hosting customers who posted here in recent years. I can't recall anyone reporting back on why it happened. Seems fixed now.
Yep, definitely not revoked any longer.
HOWEVER, you still are missing some serious security features on your site. I'd strongly encourage you check out the following:
to get your website back up to where it should be to keep it and your customers safe
SSL Labs is passing now, but observatory.mozilla is still showing a fail. We reissued the SSL. Any ideas?
The Observatory site assesses parameters other than the certificate. You'll need to click through the individual items to determine how important they are for your users. For example, if you take payments, protecting against cross-site scripting attacks may be more important than if you only provide information.