If you are having trouble with your SSL certificate, here are some common problems that might be causing the issue. If your problem isn’t listed below, or if you can’t resolve it on your own, please contact our support team for assistance.
1). SSL Certificate Not Trusted Error
The most common cause of this error is that the website’s SSL certificate has not been properly installed on the server.
If the certificate was issued by a trusted Certificate Authority (CA), then the problem may be that the CA’s intermediate certificate is not installed on the server.
Solution: Check to make sure that your SSL certificate and all related Intermediate certificates are properly installed on your server.
You can use our free SSL Certificate Installation Diagnostics tool to check for common installation problems. If you need help installing your certificate or troubleshooting installation problems, please contact our support team.
2). Certificate Expired Error
If your SSL certificate has expired, visitors to your site will see a “Certificate Expired” error in their browser.
To prevent this error from happening, you need to renew your SSL certificate before it expires.
Depending on the type of certificate you have and when it was issued, certificates typically expire anywhere from 1 year to 5 years after they are issued.
You should receive email notifications from us reminding you to renew your certificate before it expires (if not, please contact our support team).
Solution: Renew Your Certificate!
If you purchased your SSL certificate through us or if we manage your PKI infrastructure for you, then we can help with that – just contact our sales or support teams.
Not sure who issued your cert? Try using this free SSL Certificate Checker tool to find out.
3). SSL Certificate Revoked Error
If your SSL certificate has been revoked, it means that it is no longer valid and cannot be trusted.
This can happen for a variety of reasons, but the most common reason is that the private key associated with the certificate has been compromised (e.g., someone stole it or guessed the password).
If this happens, you need to revoke your existing certificate and re-issue a new one as soon as possible to prevent attackers from being able to impersonate your website.
Solution: Revoke your existing SSL certificate and re-issue a new one as soon as possible.
If you need help revoking or re-issuing your certificate, please contact our support team.
4). Self-Signed SSL Certificates
Self-signed SSL certificates are free to generate and can be used for test or development environments, but they should NEVER be used in production.
The main problem with self-signed certificates is that browsers do not trust them by default, which means visitors will see a warning message when they try to access your site.
Solution: Do not use self-signed SSL certificates in production!
If you need a trusted certificate for your website, please contact our sales or support teams and we’ll be happy to help.
5). Common Name Mismatch Error
If you see a “Common Name Mismatch” error when trying to access your website, it means that the domain name listed in the certificate does not match the actual domain name of your website.
For example, if your certificate is for www.example.com but you are trying to access your site as example.com, you will see this error (without the “www” subdomain).
This can happen if you generated a CSR using a different domain name than what you ended up using for your website or if someone accidentally mistyped your domain name when they were configuring their browser settings.
Solution: Make sure that the common name listed in your SSL certificate matches exactly with the actual domain name of your website. If it doesn’t match, generate a new CSR using
6). Mixed Content Error
Mixed content error is another one of the most common problems with SSL certificates.
Mixed content errors can also occur if the web page includes HTTP links.
It can be difficult to troubleshoot because this error can involve multiple resources on a single page.
The best way to troubleshoot mixed content error is to use a web browser’s developer tools to inspect the resources that are being loaded on the page.
This will allow you to see which resources are being loaded over HTTP, and which ones are being loaded over HTTPS.
Once you identify the resource that is causing the error, you can try to fix it.
How to Fix SSL Certificate Error
As we’ve seen, there are different types of SSL errors. Here are some solutions you should try:
a). Change all URLs to HTTPS
Some errors arise because the URL is written with HTTP instead of HTTPS. Check if the certificate uses an incorrect hostname, wrong domain name spelling, or a misconfigured server.
b). Clear browser data and cookies
Your SSL error may be caused by outdated files in your web browser cache (cookies) that are interfering with secure connections to websites.
Try clearing your browsers’ cache and cookies and reloading the page you were trying to view – this should fix it! If not, move on to step 3 below…
c). Update your web browser or operating system
If you’re using an outdated version of either your OS or browser, this could be the cause. The SSL certificate error may also occur because a firewall is blocking secure HTTPS traffic to and from the website.
Check for updates on whichever device (or devices) you are connecting with that doesn’t seem to work properly – there’s no harm in updating everything!
d). Renew your SSL certificate
If you’ve had your SSL certificate for more than a year, now is the time to renew it – especially if it’s not set up to automatically update. This process can be done directly with most Certificate Authorities (CAs).
Renewing an expired or about-to-expire SSL certificate should immediately fix any associated errors on your website!
e). Check your server’s clock and time zone settings
If the date on your computer is set incorrectly, you will get an SSL certificate error. That means that if you are traveling, or using a computer in another time zone that has the wrong date set, you may run into problems.
f). Check for SSL certificate chain issues (intermediate certificates)
If your web server is misconfigured and doesn’t send all of the necessary intermediate CA certificates during the SSL handshake process, visitors will see an error message in their browser instead of your website’s content.
To fix this issue:
Make sure that your web server is configured to send the intermediate CA certificates.
If you are using Apache, this can be done by adding the SSL Certificate Chain File directive to your configuration file (usually located at /etc/apache2/ssl.conf or /etc/httpd/conf.d).
The path should point to a file containing all of the necessary intermediate CA certificates in PEM format concatenated together – you can usually find these on your Certificate Authority’s website under “Intermediate Certificates.”