#Startcom #SSL certs no longer valid in Chrome 58 & Firefox
StartCom was a popular SSL cert issuer before the days of LetsEncrypt, as it was one of the few providers that offered SSL certs for free, and thus was very popular. However, after failing to play ball with Mozilla, and were using the obsolete Hashing cypher SHA-1.
This means, if you have an SSL cert issued by StartCom, then you better get a new cert quickly. I personally recommend LetsEncrypt, since it’s free, but others are available. – Otherwise Google Chrome, and Firefox will say your website is insecure.
Mozilla’s official word is:
Mozilla has discovered that a Certificate Authority (CA) called WoSign has had a number of technical and management failures. Most seriously, we discovered they were backdating SSL certificates in order to get around the deadline that CAs stop issuing SHA-1 SSL certificates by January 1, 2016. Additionally, Mozilla discovered that WoSign had acquired full ownership of another CA called StartCom and failed to disclose this, as required by Mozilla policy. The representatives of WoSign and StartCom denied and continued to deny both of these allegations until sufficient data was collected to demonstrate that both allegations were correct. The levels of deception demonstrated by representatives of the combined company have led to Mozilla’s decision to distrust future certificates chaining up to the currently-included WoSign and StartCom root certificates.