Nobody who has taken the time to purchase and install an SSL certificate wants to encounter the dreaded “certificate not trusted” message on their browser when trying to access their website. Unfortunately, it can happen for a variety of reasons.
Sometimes these messages pop up due to a system error or certain settings on your web browser. For instance, if the time and date of your computer aren’t accurate, or if you haven’t cleared your cache in a while. For an in-depth look at how to fix SSL certificates on your system and Google Chrome, check out this blog post.
But your SSL certificate may not be trusted for very legitimate reasons. Here are three common reasons why your SSL certificate isn’t trusted and how you can fix them.
Problem 1: Your SSL was not issued by a recognized Certificate Authority
Although SSL certificates can be issued by anybody, not all SSL certificates are considered equally legitimate by web browsers. There is a very small number of Certificate Authorities that are trusted by most major web browsers, and if your SSL wasn’t issued by one of them, you’ll more than likely encounter some issues.
It might be tempting to go for a free self-signed SSL certificate, however, more often than not, it’s risky. These certificates are not issued by a trusted CA, so it won’t have gone through the same kind of validation process (not to mention you won’t receive the same kind of support and warranty as you would from a paid option). A self-signed SSL certificate is exactly what it sounds like — it’s signed by the person who it was issued by. With self-signed SSLs, you will have a HTTPs connection, but website visitors will not be able to visit your site. Most major web browsers will not recognize these kinds of certificates as trustworthy, as you have not been validated by a trusted third-party authority. It doesn’t matter if you don’t have malicious intentions, the browser does not know you, therefore it will not trust you.
Beyond the issue of mistrust from browsers, it’s never a good idea to use a self-signed SSL certificate for a public website. The only acceptable time to use self-signed SSLs is for testing purposes for sites and services that are not publicly accessible.
How to solve it
Purchase an SSL certificate from a trusted Certificate Authority.
Problem 2: SSL installation was not completed properly
In life, mistakes happen, and SSL installation is no exception. Sometimes things can go wrong during the SSL installation process, particularly if you haven’t done it before or you’re less technically inclined. Common errors include a lost Private Key or setting up the SSL configuration improperly. Unfortunately, when there are errors during SSL installation, browsers will consider your certificate to be untrustworthy.
How to solve it
Problem 3: Your SSL certificate has expired
SSL certificates aren’t valid forever. Most issuers will send several warnings in the lead up to your SSL’s expiration date, prompting you to renew it. If for some reason you miss these, your SSL certificate may expire without you noticing. It doesn’t matter that your website once had a secure HTTPS connection even just a day before, as soon as your SSL expires, a browser will stop considering your site as trustworthy.
How to solve it
Unfortunately once they have expired, SSL Certificates can’t be renewed. Solve the problem by purchasing a new SSL certificate.
Having SSL on your site is generally straightforward and painless, but sometimes things can go wrong. By obtaining SSLs only from legitimate Certificate Authorities, installing them properly, keeping an eye on the expiration date, and checking the settings on both your operating system and browser, you are unlikely to encounter any problems. If you’ve gone through the steps outlined in this article and you’re still having issues, our customer support would be happy to help.