StartCom certificate no longer trusted since Chromium 57

Primary tabs

After updating to Chromium 57 navigating to always results in the annoying "Your connection is not private" message. The reason seems to be that the certificate of has been signed by StartCom, which is no longer trusted by the Chromium (and Chrome) developers. You may find some explanations here:

@webmaster: Please, update the certificate to one that is trusted by all browsers.

For all others: As a work around you can manually add the certificate of as a trusted server certificate. Then the warning message goes away and you get to directly again. Unfortunately, in the Chromium GUI you only can add CA certificates. So you have to use a command line tool. Just do the following: Download the certificate and save it in a file, let's say "findfind.pem". If the program certutil is not yet available on your system, you have to install the nss tools, for example on Debian you would do (as root): apt-get install libnss3-tools

Then, as the browser user enter this into your shell: certutil -A -i findfind.pem -t'P,,' -n findfind -d sql:$HOME/.pki/nssd

This adds the certificate to the database and marks it as trusted for SSL. Restart Chromium, to make it reread the database.


Thanks for the info. Taking care of this, will likely install LetsEncrypt. Updates follow here.

Thanks for the notice, I've now installed a certificate from LetsEncrypt. I hope this resolves the issue – if not, please tell me.