SEC_ERROR_INVALID_TIME error in firefox for valid certificate

Asked Feb 26 '17 at 11:32

Active Feb 26 '17 at 17:59

Viewed 324 times

I have generated a certificate for apache with

openssl ca -config openssl.conf -extensions usr_cert -in reqs/httpd.req -out httpd.pem -startdate 170226000000Z -enddate 180226000000Z -noemailDN

This certificate is accepted by openssl, chrome, git etc. but not by firefox which rejects it with:

xxx uses an invalid security certificate. 
The certificate will not be valid until 26.02.2017 01:00. 
The current time is 26.02.2017 11:49. Error code: SEC_ERROR_INVALID_TIME

This seems to have something to do with the encoding of the notBefore and notAfter fields (https://bugzilla.mozilla.org/show_bug.cgi?id=1152515) but I've been unable to find any hints to on how to fix this but this really helpful

Re-generate the certificate with valid encodings for time fields

(https://developer.mozilla.org/en-US/docs/Mozilla/Security/x509_Certificates)

Any advice / hints appreciated!

edited Feb 26 '17 at 17:59

jww

97,681
90
411
885

asked Feb 26 '17 at 11:32

Dirty Coder

1

It might help if you upload an example certificate featuring this problem so that one have a closer look at it. Also, the openssl version used to create this certificate might be relevant. – Steffen Ullrich Feb 26 '17 at 13:40

SEC_ERROR_INVALID_TIME error in firefox for valid certificate

0 Answers0