StartCom certificate no longer trusted since Chromium 57

Primary tabs

After updating to Chromium 57 navigating to findfind.it always results in the annoying "Your connection is not private" message. The reason seems to be that the certificate of findfind.it has been signed by StartCom, which is no longer trusted by the Chromium (and Chrome) developers. You may find some explanations here: https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html

@webmaster: Please, update the certificate to one that is trusted by all browsers.

For all others: As a work around you can manually add the certificate of findfind.it as a trusted server certificate. Then the warning message goes away and you get to findfind.it directly again. Unfortunately, in the Chromium GUI you only can add CA certificates. So you have to use a command line tool. Just do the following: Download the findfind.it certificate and save it in a file, let's say "findfind.pem". If the program certutil is not yet available on your system, you have to install the nss tools, for example on Debian you would do (as root): apt-get install libnss3-tools

Then, as the browser user enter this into your shell: certutil -A -i findfind.pem -t'P,,' -n findfind -d sql:$HOME/.pki/nssd

This adds the certificate to the database and marks it as trusted for SSL. Restart Chromium, to make it reread the database.

Comments

Thanks for the info. Taking care of this, will likely install LetsEncrypt. Updates follow here.

Thanks for the notice, I've now installed a certificate from LetsEncrypt. I hope this resolves the issue – if not, please tell me.