Firefox reports an expired certificate even though you installed a renewed one or a new one

Firefox is always trying tricks on us. The latest one is really "tricky". Judge for yourself:

You regularly log on to a web server with a client certificate that is about to expire. That's why you renewed and installed the certificate early. But oops! As soon as that original certificate expires, Firefox starts reporting "Secure Connection Error" (SSL_ERROR_EXPIRED_CERT_ALERT) because your original certificate has expired, even though it already has a renewed or possibly a brand new certificate installed!

This is because Firefox (from a certain version onwards) remembers which certificate you used for a given web server, and won't let you select a new/renewed one until you manually intervene.

The association of a certificate with a particular web server is created here:

A certificate selection

Note the "Remember this decision" option. By default, it is checked so that the certificate's association with a particular web server is saved.

You must cancel this connection after reporting the aforementioned "Secure Connection Error" in the Certificate Manager here:

Delete a certificate selection

On the "Authentication Decisions' tab, select the (expired) certificate for the web server and press the "Delete" button.

The next time you try to open a page from that web server, Firefox will display the certificate selection dialog again.


FAQ/FirefoxSpec (last edited 2023-09-28 17:13:01 by AlesKastner)