来自StartSSL官方的回复如下:
SSL Certificates issued after 21.10.2016 are distrusted in Chrome 56+, Firefox 51+,safari and latest version of IOS system. All certificates are distrusted in chrome 57. Official document about distrust > https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/We are working hard on remediation plan (https://bugzilla.mozilla.org/show_bug.cgi?id=1311832), and we are doing everything to regain trust ASAP.We create new root certificate now, You need to wait the root certificate audit by the main browser so it can be trusted in the main browser,it will take several months.As an interim solution, if you pass the class 3 validation or EV validation(with full payment) you can get 1 trusted certificate(issued by Camerfirma) that can be trusted in all browser.