I discovered yesterday that Mozilla have revoked
root certificate in Firefox. How did I discover this? After an update to Firefox 51 I find my own www.flypig.org.uk
website now fails to load, giving a certificate error instead. Admittedly StartCom's service is free, but it would have been nice to be warned by someone.
So while I've enjoyed StartCom's service for many years, it looks like I'll be moving to Let's Encrypt
. Which would be fine if I hadn't put certificate pinning on my site, which will prevents the new cert from being accepted for 30 days. I guess that's what happens if you try to be too cocky with security on a budget!