Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


My WoSign Free SSL certificate has been revoked suddenly?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

My WoSign Free SSL certificate has been revoked suddenly?

On this very forum (this thread) I found a link to where I could get a multi-domain certificate signed by WoSign for free, signed up for one and have used it on my site for months without issues.

Suddenly, recently it's now listed as 'revoked' (not expired; it's listed as valid until 2017). I've contacted WoSign to ask why this has happened, but I'm just wondering if it's happened to anyone else?

http://www.lowendtalk.com/discussion/41289/free-chinese-2-year-ssl-certificate-dv-kuaissl-by-wosign-com

«1

Comments

  • Weird mine isn't revoked.

  • I am having a different problem...The android mobile default browser and maxthon...throws an unknown security certificate error

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

    @noaman said:
    I am having a different problem...The android mobile default browser and maxthon...throws an unknown security certificate error

    Is the Certificate Chain properly installed ?? I faced same problem in CM Browser when there is a Chain issue.

  • rm_rm_ IPv6 Advocate, Veteran

    Just checked mine, not revoked so far (Chinese cert till 8/2018).

  • I have several 3 and 1 year certs and none of them is revoked.

    Weird

  • What's the URL? You can use my site to check the full status of the certificate: https://ssldecoder.org/

  • MadMad Member

    Did you get any reply from them?
    Just to know what exactly happened.

  • Mahfuz_SS_EHLMahfuz_SS_EHL Host Rep, Veteran

    @Raymii said:
    What's the URL? You can use my site to check the full status of the certificate: https://ssldecoder.org/

    I sent you an Email once, but didn't get any reply. Probably, 2/3 Months ago !

  • @Raymii said:
    What's the URL? You can use my site to check the full status of the certificate: https://ssldecoder.org/

    Nice try ;)

    It just went down during the check with a Cloudflare 524 error :P. You better fix that if you want people to use your service.

    Qualys SSL Labs is another alternative to check the SSL setup + certificate status.

  • Mine's still valid till 2018.

  • @Hidden_Refuge said:
    It just went down during the check with a Cloudflare 524 error :P. You better fix that if you want people to use your service.

    Which url did you try to test?

  • NyrNyr Community Contributor, Veteran

    Mine isn't revoked for now.

  • @Raymii said:

    My blog hiddenrefuge.eu.org

  • NeoonNeoon Community Contributor, Veteran
  • @Infinity580 said:
    Hidden_Refuge

    U wot m8?

    Thanked by 1netomx
  • NeoonNeoon Community Contributor, Veteran

    @Hidden_Refuge

    Because of the "hidden".

    Thanked by 1netomx
  • It seems to work here: https://ssldecoder.org/results/saved.hiddenrefugeeuorg.1445588680.16fe84a8f5bf0d226a7d839cd139877f.html

    Cert is not revoked, and you do quite well with your settings, Public Key Pinning, OCSP stapling, Strict Transport Security.

    Well done.

  • Just thought I would mention that as of now, you can only get certs which covers a single-domain for one-year from WoSign. Ie: no more two/three-year certs with multiple domain

  • rm_rm_ IPv6 Advocate, Veteran
    edited October 2015

    Does not give a percentage or "grade" ranking => the Qualys one is better.

    Thanked by 14n0nx
  • teknolaizteknolaiz Member
    edited October 2015

    @Raymii said:
    It seems to work here: https://ssldecoder.org/results/saved.hiddenrefugeeuorg.1445588680.16fe84a8f5bf0d226a7d839cd139877f.html

    Cert is not revoked, and you do quite well with your settings, Public Key Pinning, OCSP stapling, Strict Transport Security.

    Well done.

    Hmm strange. I don't know why or what happened but when I issued the test on IPv4 domain port 443 the page loaded for a while and went down with a 524 CF error.

    Uhm. Yes, I've a strong setup I'd say. A+ on Qualys SSL Labs server test. HPKP, HSTS, OCSP stapling, strong ciphers, SHA256, TLSv1.1/1.2 only and etc..

    I have my vHost template on Github: https://github.com/hidden-refuge/nginx-conf/blob/master/vhost.conf

  • GM2015GM2015 Member
    edited October 2015

    Hope you don't mind me asking, is your template working with wordpress rewrite urls?

    I find that the template config I used from owncloud.org gives me 404-s for rewrites. Will test yours and find out regardless.

    Nginx conf.d www.conf work for me on http, but not on https.

    If any of you want a nice link(SEO), just scan your site with Remi's https://ssldecoder.org and https://www.ssllabs.com, then submit your ipv4 and ipv6 result to https://www.google.com/webmasters/tools/submit-url.

    Hidden_Refuge said: Hmm strange. I don't know why or what happened but when I issued the test on IPv4 domain port 443 the page loaded for a while and went down with a 524 CF error.

    Uhm. Yes, I've a strong setup I'd say. A+ on Qualys SSL Labs server test. HPKP, HSTS, OCSP stapling, strong ciphers, SHA256, TLSv1.1/1.2 only and etc..

    I have my vHost template on Github: https://github.com/hidden-refuge/nginx-conf/blob/master/vhost.conf

  • @GM2015 said:
    Hope you don't mind me asking, is your template working with wordpress rewrite urls?

    I find that the template config I used from owncloud.org gives me 404-s for rewrites. Will test yours and find out regardless.

    Nginx conf.d www.conf work for me on http, but not on https.

    Yes, Wordpress rewrite works with my configuration.

    Are you sure you setup everything properly? All path correct?

  • @GM2015 said:
    Hope you don't mind me asking, is your template working with wordpress rewrite urls?

    You're not talking about the SSL decoder right now are you? because that does no URL rewriting or nice URL's.

  • I asked Hidden_refugee about his config file on github whether it worked with wordpress ssl url rewrites because my config files are throwing 404s for https://mysite.com/some-nice-post, while http without ssl works on different servers.

    I used owncloud's config from https://doc.owncloud.org/server/8.0/admin_manual/installation/nginx_configuration.html and while it works for owncloud, it throws 404s for my development wordpress site on the same vhost, and on a different server I tried to implement it on yesterday.

    Raymii said: You're not talking about the SSL decoder right now are you? because that does no URL rewriting or nice URL's.

  • @GM2015

    Reply to my PM if you care/can.

    This code:

            location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
            }
    

    Is enough for Wordpress to make the permalinks/rewrite URLs work on Nginx. You might have to adjust the actual location. / is the root of the document root for the vHost. If you have your blog in a different folder adjust it to "location /foldername".

  • Dammit, anyone having "Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert)" on firefox?

  • Me too....

    I can browse this site with other browsers, but Firefox gets a " Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert) "

    Anyone know why is this?

    @rokok said:
    Dammit, anyone having "Invalid OCSP signing certificate in OCSP response. (Error code: sec_error_ocsp_invalid_signing_cert)" on firefox?

  • Firefox problem -_- this sucks

  • tdttestertdttester Member
    edited November 2015

    I'm getting this error on Nginx server:

    OCSP_basic_verify() failed (SSL: error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:Verify error:certificate has expired) while requesting certificate status, responder: ocsp6.wosign.com

Sign In or Register to comment.