Distrusted cert

Mozilla observatory, when it scans my site, reports:
“This site uses a Symantec cert issued on or after June 1, 2016, and will be distrusted by Firefox63 and Chrome70. Please replace its certificate immediately.”

I have searched for a Symantec certificate for my site (www.sizes.com) at Cloudflare, at the origin server (DreamHost), and at the registrar (Network Solutions), and can’t find it. Yesterday I added a dedicated cert at Cloudflare, which should be covering both www.sizes.com and sizes.com. What should I do next??

https://observatory.mozilla.org/analyze/sizes.com#tls does not seem to list any such warning.

On a related note, assuming your server IP address ends in 191, it would seem your SSL configuration on your server is messed up and redirects between your naked domain and your www record. Assuming your site does load on Cloudflare that could only mean you have Flexible, which is not only dangerous but also completely unnecessary in your case. Switch that to “Full strict” and fix that redirection loop on your server.

Yes, it does give such a warning in red at the top of the page; I copied it verbatim. The difference may be because you scanned sizes.com, not www.sizes.com

Yes, I am in the middle of a redirection snafu. The origin server is a VPS and I have no access to the header. At the origin server, the site has a fixed IP. Before using Cloudflare, I used mod_rewrite in an .htaccess file to redirect http to https; and to add www to requests. Is it the case that I no longer need to do either of those, that my Clodflare settings (e.g., in Crypto, always use https) handle the redirect, and no htaccess redirects are needed?
Thanks for the help Sandro. I appreciate it.

That must be a glitch on Mozilla’s part. Your www host has a Cloudflare certificate configured, not a Symantec one. If you scroll down even Mozilla acknowledges that.

I believe there was recently a thread about the same topic here on the forum, maybe you can find via the search. I believe the conclusion there was it is a Mozilla glitch as well.

This topic was automatically closed after 31 days. New replies are no longer allowed.