Recently, I ran into two issues with certificate, not really sure what’s going on. But first one with Mozilla blog is quite funny when you are using Mozilla Firefox to connect to the developer’s blog and you cannot be connected to because security issue.

I got such warning text or similar to (forgot to take a screenshot):

blog.mozilla.org uses an invalid security certificate.

The certificate is only valid for blog.mozilla.com

(Error code: ssl_error_bad_cert_domain)

It had been there for very long time, imagine that I read its blog RSS, but never could read on the real blog. The solution is to delete cert8.db in profile directory. Once I deleted it and restarted Firefox, the problem is gone.

Second issue is this OCSP (Online Certificate Status Protocol), but this one probably is more of site issue rather than of the program issue, I got these exact text:

Secure Connection Failed

An error occurred during a connection to wl.widelands.org.

The OCSP server has no status for the certificate.

(Error code: sec_error_ocsp_unknown_cert)

  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

I have to (temporarily) disable the OCSP validation from Preferences/Encryption/Validation as workaround. Don’t know what the real issue is, once OCSP is disabled, it says the certificate is verified, which is issued by StartCom Ltd. The issued date is happened to be just 24 hours ago, maybe it has something to do with the problem. Could it be OCSP server haven’t got updated since OCSP validation only does when a server is specified in certificate per my Firefox preferences.