Why am I seeing a "SEC_ERROR_REVOKED_CERTIFICATE" error when I use an SSL certificate from the StartCom CA?


An SEC_ERROR_REVOKED_CERTIFICATE error is displayed in Chrome or Firefox when accessing a site with a custom cert from the StartCom Certificate Authority.


If you are seeing this error, check the output of the following command:

heroku certs:info

If this mentions StartCom Ltd. then you may have trouble using this cert in newer browsers. StartCom have apparently violated some rules regarding their role as a Certificate Authority (CA) and as a result, newer browsers have begun to start marking their newly issued certificates as revoked. There's more information about this here https://community.qualys.com/thread/16987-a-site-fails-with-secerrorrevokedcertificate-on-firefox-51-but-has-grade-b-on-ssl-test

To fix this you will have to obtain a new certificate from a different provider as the issue is between StartCom (the cert CA) and the browser vendors (Chrome and Firefox) - there's nothing that Heroku can do to intervene in this case.