Wosign and Startcom SSL error in Zimbra
Wosign and Startcom SSL might show non trusted in a Browser
Purpose
Customers and users with Wosign and Startcom SSL Certificates might see the non-trusted error on their modern Browsers such Firefox and Chrome, even when they installed properly the SSL certificate inside Zimbra using the usual steps
Resolution
The root CA for Wosign and Startcom have been revoked for modern Browsers such Firefox and Chrome, this is due to the next issue, from Google Security blog: WoSign knowingly and intentionally misissued certificates in order to circumvent browser restrictions and CA requirements. Further, it determined that StartCom, another CA, had been purchased by WoSign, and had replaced infrastructure, staff, policies, and issuance systems with WoSign's
Additional Content
- https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
- https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/
We encourage our Customers to use other brands such Comodo, etc.