Firefox SSL_ERROR_WEAK_SERVER_CERT_KEY
 

Anyone else seeing this in recent firefox versions?

My searching says its usually caused by a <1024 bit key but I generated a 2048 bit key per start ssl's instructions.

looks like there may be an override but I'd like to know what they want on the key side.

This bug report from Mozilla might shed some light on that:

https://bugzilla.mozilla.org/show_bug.cgi?id=1182567

Thats one of the threads I found. mentiones <1024 bit certs but I did 2048.

I can generate a self signed cert that works but I'm getting one from startssl so I don't have the non-trusted cert errors.

err, I didn't have the chainfile setup right.

Glad you got it figured out.

Thanks for reporting back; your response may help someone else who runs into the same problem know where to start looking. Knowing where to look is the most important aspect of troubleshooting.

It seems the error message from Firefox is somewhat misleading https://www.ssllabs.com/ssltest/index.html said it was a chain issue not a weak cert.