Today there are over 170 million websites with an SSL certificate on the internet. This number is expected to increase because more search engines and consumers prefer sites with SSL certificates.
An SSL error does the opposite. Many users don’t trust sites with SSL problems, and if customers no longer trust you can expect them to check out a competitor who can be trusted.
In this post, I’ll walk you through the different steps you need to take to resolve SSL certificate errors. Your site will be running smoothly in no time.
What Is An SSL Certificate?
SSL stands for Secure Sockets Layer. This protocol was designed to provide secure communication between two parties over the Internet. The main purpose of the protocol is to ensure data confidentiality and integrity.
An SSL certificate is a digitally signed document that binds a public key to a specific domain name. An SSL certificate contains information such as the server’s name, its location, the expiration date, etc.
When you visit a website using HTTPS (secure HTTP), you see a lock icon next to the URL address bar. This indicates that the site uses an encrypted connection.
Sites without SSL certification tend to be flagged as “not secure” in Google Chrome. It is estimated that 85% of online consumers avoid such sites.
Why Should Websites Have An SSL Certificate?
The most common reasons why websites should have an SSL certificate are:
1) To protect your customers from phishing attacks. Phishing refers to a fraudulent attempt by criminals to trick users into disclosing personal or financial information.
When a user visits a web page with an invalid SSL certificate, they will be unable to identify if the content on the page is legitimate or not.
2) To prevent identity theft. Identity theft occurs when someone obtains sensitive information about another person without their permission. A hacker can use this information to take over the victim’s account.
3) To verify the authenticity of the company behind the website. For example, if you’re buying something online, you don’t want to give your credit card details to a fake company.
An SSL Certificate provides your customers with a sense of security and trust in the company.
4) To protect your business reputation. If a customer finds out that your website doesn’t offer security, they might think twice before doing business with you again.
5) To make it easier for search engines to index your pages. Search engines like Google and Bing rely heavily on SSL certificates to determine whether a website is trustworthy.
They also use the SSL certificate to check if the website has been hacked.
How Do You Get An SSL Certificate?
If you’re hoping to use the services of a hosted platform to build your website, you’re in luck. Fortunately, many hosted platforms like cmshub.com and Squarespace include an SSL certification in their plans.
This means that if you want to build a website through such a platform, you don’t have to worry about sorting out an SSL certification yourself.
If you choose a self-hosted solution like wordpress.org, most hosting companies include an SSL in their plans as well, such as hostgator.com.
However, if your solution doesn’t include SSL, then you can purchase one from an SSL certificate provider. If this is the case, explore your options on DigiCert.
What Is An SSL Certificate Error?
An SSL certificate error occurs when a web browser cannot verify the legitimacy of the site’s SSL certificate.
Rather than connect the users to the site, which would risk their privacy, the browser will instead display an error message, communicating to the user that the site could be insecure.
Types Of Ssl Certificate Errors
There are a number of different types of SSL certificate errors. We describe the most common ones here.
Your Ssl Certificate Is Not Trusted
This error indicates that the SSL connection is insecure because the certificate is not trusted. The certificate may be self-signed or issued by an untrusted Certificate Authority.
There Is A Name Mismatch
This error suggests that the domain name in the SSL certificate doesn’t match the URL. The domain name on the SSL certificate must exactly match that of the URL.
For instance, if you have a certificate for the site ‘www.business.com’, and you typed in ‘https://business.com’, you will get an SSL error.
You Have An Expired SSL Certificate
SSL certificates expire just after one year. This means that all SSL certificates need to be replaced consistently. Otherwise, when you try to load your site, you’ll get an SSL certificate error.
Generic SSL Protocol
This error is particularly tricky to solve because there are multiple possible causes, including:
- An incorrectly formatted SSL certificate that the web browser cannot parse.
- A certificate that is not properly configured on the server.
- An expired, invalid, or self-signed certificate.
- The use of an obsolete encryption algorithm.
- A firewall or other security software blocks the connection.
- A problem in the certificate‘s chain of trust.
Your SSL Certificate Has Been Revoked
This error suggests that the certificate authority that allocated the site’s SSL certificate has decided to cancel or revoke the certificate. This could be for a number of reasons, including:
- The website got the SSL certificate using false credentials.
- The key was compromised.
- The wrong key was issued.
There Is A Problem With Mixed Content
This error indicates that a secure web page contains an element that‘s being loaded from an unsecured web page.
Even if there’s only one insecure file on the page, your browser will display an alert box instead of loading the page.
Diagnosing An SSL Error
If you are being faced with an SSL certificate error, you first need to use an online tool to help you identify the specific problem. The tools listed below are trusted:
- SSL Checker.
- SSL Certificate Checker.
- SSL Server Test.
Once you have diagnosed the problem, you can begin to fix it. Check out some solutions to common problems below.
Certificate Authority Not Trusted
If the Certificate Authority you used to get your SSL certificate isn’t trusted, you will likely need to install an intermediate certificate onto your web browser.
This will help the browser establish that the certificate was issued by a valid CA.
If you are working with a web hosting provider (e.g. GoDaddy), it is likely that they will be able to offer you information on intermediate certificates.
If you are not, you will need to check your website’s server and find instructions for that particular server. You can probably find these on YouTube.
Incorrectly Installed Certificate
If you’re still getting a certificate not a trusted certificate error, then you could’ve installed the certificate incorrectly.
You can generate a new CSR from your server and re-issue it from your certificate providers. The process you follow will depend on your specific server.
Name Mismatch Problem
If you’re getting a Name Mismatch Error, then the problem may lie with your IP address.
Your website usually has its own IP address, but if you use a type other than Dedicated Hosting, your site may share an IP address with multiple websites.
If one of those sites doesn’t have an SSL Certificate installed, then a browser won’t know which site it should connect to and display a mismatched name error message.
You can resolve this by upgrading to a dedicated IP address.
Mixed Content Problem
Copy and paste the URL into whynopadlock.com to identify the elements that need to be secured. Edit the source code of the web page and change the URLs to HTTPS.
You can see how important it is to keep your website up-to-date and secure. It’s also important to make sure that any SSL errors you encounter are dealt with quickly so that visitors aren’t left wondering what happened.
I hope this article helped!