Peer's Certificate has been revoked

certificate ssl ssl-certificate iis-6

I just upgraded our web server with a renewed cert as our current cert expires later this week. When I browse to our site via FF it is throwing this error:

Secure Connection Failed 
An error occurred during a connection to www.rivworks.com. 
Peer's Certificate has been revoked. (Error code: sec_error_revoked_certificate)
            *   The page you are trying to view can not be shown because the authenticity of the received data could not be verified.
            *   Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

When I try IE (v6 - v8) I do not get this error. I've searched this site, Bing and Google and am not finding a solution for this. If I had long hair I'd be pulling it out!

Any help is appreciated!

ADDITIONAL INFO:
After working the search engines over I have come to conclude this is a problem in FF and not with my cert. My cert issuer has been going through it with a fine tooth comb and every thing they can do shows all of my cert chain is in working order. FF just hates a renewed cert!

The one (and only one) link I got for a possible fix is here: http://www.wallpaperama.com/forums/firefox-error-code-sec-error-revoked-certificate-t7301.html. This leads to the solution this guy came up with here: http://www.wallpaperama.com/forums/installing-ssl-certificate-in-a-godaddy-dedicated-server-with-ispconfig-t7300.html. Unfortunately - it is for a UNIX server and I don't know how to translate UNIX to WINDOWS SERVER 2003.

Any help?


Solution 1:

Have you looked at the cert in FF or IE to see if you can get any clue as to what's wrong? Could it be that the certificate chain is broken because an intermediate certificate is no longer valid?

Solution 2:

Solution on other sites regarding uncheck OSCP query on browsers (firefox in options or certificate settings to uncheck OSCP query option) doesn't seems right solution. OSCP (Online Certificate Status Protocol) is internet protocol used for obtaining the revocation status of your digital certificate. See details here

If OSCP response doesn't confirm certificate is OK, Browser will show Error such as sec_error_revoked_certificate . Better to check broken chain of certificate installed or its validity.

Related

Force outlook to refresh/update calender more often?
Clock synchronisation on kvm guests
Import .cer certificate from Windows command line
Visual SVN 2.0 and IIS
Monitor BGP connections
What performance counter is used to display total RAM usage on a Windows 2008 server?
Updating snort rules automatically
What are EC2 Best Practices?
"Touching" software deployment group policy programmatically or via script
The directory service has exhausted the pool of relative identifiers
Using wget to fetch password protected website (trac wiki page)
Finding the root cause of 100% iowait in Linux