I can’t tell why neither Chrome nor Edge check the revocation status, but Firefox is right. The certificate was revoked on Nov. 5 since GoDaddy believes that ssptrades.com has stopped operations.
How to check revocation manually
Save the certificate of ssptrades.com to the file
site.cer, and the issuer’s certificate to the file gd1.cerObtain the URL to OCSP service:
openssl x509 -noout -ocsp_uri -in site.cer
Output: http://ocsp.godaddy.com/
- Check OCSP status:
openssl ocsp -issuer gd1.cer -cert site.cer -text -url http://ocsp.godaddy.com/
(shortened) output:
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2
Produced At: Nov 6 20:11:53 2020 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: B6080D5F6C6B76EB13E438A5F8660BA85233344E
Issuer Key Hash: 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE
Serial Number: 54FC3E8F69D995CF
Cert Status: revoked
Revocation Time: Nov 5 20:08:54 2020 GMT
Revocation Reason: cessationOfOperation (0x5)
The last threee lines tell us: the certificate was revoked on Nov 5, the reason is “cessation of operations” (code 0x5)
CLICK HERE to find out more related problems solutions.