After today’s Let’s Encrypt certificate renewal, I get the following in Firefox 54.0.1 (Windows 7) …
[code]Your connection is not secure
The owner of www.mysite.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Learn more …
Report errors like this to help Mozilla identify and block malicious sites
www.mysite.com uses an invalid security certificate.
The certificate is only valid for mysite.com
Error code: SSL_ERROR_BAD_CERT_DOMAIN[/code]
I don’t have any antivirus software installed.
The system time is correct.
It only happens with my Dreamhost site. Other https:// sites (also with self-encrypted certificates) work fine.
It only happens with Firefox 54.0.1 on my Windows 7 system.
When I use an Ubuntu installation with Firefox 54.0.1, all works fine.
When I use IE 11.0.44 on the same Windows 7 system, it also works.
Is this somehow related to the new Let’s Encrypt certificate from DH or some DH HSTS setup?
Did something change … ?!
This did the job, though I don’t really know what happened …
[code]How to Delete HSTS Settings in Firefox:
We will cover two different methods for deleting HSTS settings in Firefox. The first method should work in most cases – but we also included a manual option if needed.
Close all open tabs in Firefox.
Open the full History window with the keyboard shortcut Ctrl + Shift + H (Cmd + Shift + H on Mac). You must use this window or the sidebar for the below options to be available.
Find the site you want to delete the HSTS settings for – you can search for the site at the upper right if needed.
Right-click the site from the list of items and click Forget About This Site.This should clear the HSTS settings (and other cache data) for that domain.
Restart Firefox and visit the site. You should now be able to visit the site over HTTP/broken HTTPS.