Peer's Certificate has been revoked
I just upgraded our web server with a renewed cert as our current cert expires later this week. When I browse to our site via FF it is throwing this error:
Secure Connection Failed
An error occurred during a connection to www.rivworks.com.
Peer's Certificate has been revoked. (Error code: sec_error_revoked_certificate)
* The page you are trying to view can not be shown because the authenticity of the received data could not be verified.
* Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
When I try IE (v6 - v8) I do not get this error. I've searched this site, Bing and Google and am not finding a solution for this. If I had long hair I'd be pulling it out!
Any help is appreciated!
ADDITIONAL INFO:
After working the search engines over I have come to conclude this is a problem in FF and not with my cert. My cert issuer has been going through it with a fine tooth comb and every thing they can do shows all of my cert chain is in working order. FF just hates a renewed cert!
The one (and only one) link I got for a possible fix is here: http://www.wallpaperama.com/forums/firefox-error-code-sec-error-revoked-certificate-t7301.html. This leads to the solution this guy came up with here: http://www.wallpaperama.com/forums/installing-ssl-certificate-in-a-godaddy-dedicated-server-with-ispconfig-t7300.html. Unfortunately - it is for a UNIX server and I don't know how to translate UNIX to WINDOWS SERVER 2003.
Any help?
Solution 1:
Have you looked at the cert in FF or IE to see if you can get any clue as to what's wrong? Could it be that the certificate chain is broken because an intermediate certificate is no longer valid?
Solution 2:
Solution on other sites regarding uncheck OSCP query on browsers (firefox in options or certificate settings to uncheck OSCP query option) doesn't seems right solution. OSCP (Online Certificate Status Protocol) is internet protocol used for obtaining the revocation status of your digital certificate. See details here
If OSCP response doesn't confirm certificate is OK, Browser will show Error such as sec_error_revoked_certificate . Better to check broken chain of certificate installed or its validity.