I have just installed the intermediate certificates supplied by Thawte, and installed their SSL certificate for a test site sat on our network behind a load of firewalls.

The DNS lookup is an internal one only.

I have run a test validation service provided by Thawte locally and it responds as successful.

Yet trying to visit the site over https:// says that the organization's certificate has been revoked.

If I disable the Online Certificate Status Protocol in Firefox I can view my site, but this is obviously not an option.

Has anyone else come across this problem? Is it due to me being completely internal and the SSL provider cannot see my site?

Need help understanding what is going wrong.

This is the output from the checker:

test.elife.co.uk is successfully secured by an SSL certificate. The following certificates are correctly installed:

------Certificate 1------
--Issued To--
Organization: test.elife.co.uk 
Organizational Unit: Domain Validated 
Organizational Unit 2: Thawte SSL123 certificate 
Organizational Unit 3: Go to https://www.thawte.com/repository/index.html 
Common Name: test.elife.co.uk  
--Issued By--
Organization: Thawte,, Inc. 
Organizational Unit: Domain Validated SSL 
Common Name: Thawte DV SSL CA 
Country: US 
Valid from Thu Sep 23 01:00:00 BST 2010 to Sat Sep 24 00:59:59 BST 2011 
Serial Number (hex): a6e84e4a3e7ed5b61d26c2667384cec 
-------------------------
------Certificate 2------ 
--Issued To--
Organization: Thawte,, Inc. 
Organizational Unit: Domain Validated SSL 
Common Name: Thawte DV SSL CA 
Country: US  
--Issued By-- 
Organization: thawte,, Inc. 
Organizational Unit: (c) 2006 thawte,, Inc. - For authorized use only 
Organizational Unit 2: Certification Services Division 
Common Name: thawte Primary Root CA 
Country: US  
Valid from Thu Feb 18 00:00:00 GMT 2010 to Mon Feb 17 23:59:59 GMT 2020 
Serial Number (hex): 7610128a17b682bb3a1f9d1a9a35c092
------------------------- 
------Certificate 3------ 
--Issued To-- 
Organization: thawte,, Inc. 
Organizational Unit: (c) 2006 thawte,, Inc. - For authorized use only 
Organizational Unit 2: Certification Services Division 
Common Name: thawte Primary Root CA 
Country: US  
--Issued By-- 
Organization: Thawte Consulting cc 
Organizational Unit: Certification Services Division 
Common Name: Thawte Premium Server CA 
Locale: Cape Town, Western Cape 
Country: ZA  
Valid from Fri Nov 17 00:00:00 GMT 2006 to Wed Dec 30 23:59:59 GMT 2020 
Serial Number (hex): 3365500879ad73e230b9e01d0d7fac91 
------------------------- 

Thanks in advance.

+3  A: 

The message says it quite clearly: the certificate (one of the certificates in the chain) has been revoked. This revocation status is reported by the OCSP service, which is contacted unless you disable the OCSP check. This means that the certificate can't be trusted anymore, and if you use it (or its child certificate) to certify your public site, your users will get the same error. You need to contact Thawte support for further assistance.

Eugene Mayevski 'EldoS Corp
But these are new certificates??!! So it is a problem with the certificate, not the setup??
jimplode
If the OCSP server said that the certificates were revoked, there is a problem with either the certificate or with the server, but not with the setup. So I do suggest that you contact Thawte support - they should know better which certificate in the chain has problems and why.
Eugene Mayevski 'EldoS Corp
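
The answer says OCSP reports one certificate in the chain as revoked, without saying which one. The script below is an added example, not part of the original thread: it asks the OCSP responder named in each certificate for that certificate's status using the `openssl` command line. The function names and the file names in the usage comment are assumptions.

```shell
#!/usr/bin/env bash
# Added example: report the OCSP status of each certificate in a chain.
# Usage (placeholder file names): ./ocsp_chain.sh leaf.pem intermediate.pem root.pem
# Each file is checked against the next one, which must be its issuer.

# Reduce the text printed by `openssl ocsp` to: good | revoked | unknown | error
classify_ocsp() {
    printf '%s\n' "$1" | awk '
        /: revoked[ \t]*$/ { s = "revoked" }
        /: good[ \t]*$/    { if (s == "") s = "good" }
        /: unknown[ \t]*$/ { if (s == "") s = "unknown" }
        END { print (s == "" ? "error" : s) }'
}

# Print the "Reason" and "Revocation Time" lines if the responder sent them.
revocation_detail() {
    printf '%s\n' "$1" | sed -n \
        -e 's/^[[:space:]]*\(Reason: .*\)$/\1/p' \
        -e 's/^[[:space:]]*\(Revocation Time: .*\)$/\1/p'
}

# Walk the chain: query the responder URL embedded in each certificate.
check_chain() {
    while [ "$#" -ge 2 ]; do
        cert=$1
        issuer=$2
        subject=$(openssl x509 -in "$cert" -noout -subject)
        url=$(openssl x509 -in "$cert" -noout -ocsp_uri)
        if [ -z "$url" ]; then
            echo "$subject -> no OCSP responder URL in certificate"
        else
            # stderr is captured too, so responder errors classify as "error"
            out=$(openssl ocsp -issuer "$issuer" -cert "$cert" -url "$url" 2>&1)
            echo "$subject -> $(classify_ocsp "$out")"
            revocation_detail "$out" | sed 's/^/    /'
        fi
        shift
    done
}

# Only contact a responder when certificate files are given on the command line.
if [ "$#" -ge 2 ]; then
    check_chain "$@"
fi
```

The host running the script needs outbound HTTP access to the responder URLs, which is worth confirming for a machine behind internal firewalls.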