Log In
Register
SSL Brands
Sectigo SSL Certificates
RapidSSL Certificates
Thawte SSL Certificates
GeoTrust SSL Certificates
DigiCert SSL Certificates
Certificates
Single Domain Certificates
SSL Tools
CSR Generator
CSR Decoder
SSL Certificate Decoder
SSL Certificate Checker
SSL / Key Matcher
SSL Certificate Converter
Contact
Games
[flexy_breadcrumb]
Common SSL Certificate Errors
1. Certificate Not Trusted / Invalid Certificate Authority
Error Messages:
-
- “This site’s security certificate is not trusted”
- “Certificate authority invalid”
- “NET::ERR_CERT_AUTHORITY_INVALID”
Causes:
-
- Self-signed certificate
- Certificate from untrusted CA
- Incomplete certificate chain
Solutions:
-
- Install certificate from trusted CA.
- Install intermediate certificates
- Verify certificate chain is complete
2. Certificate Name Mismatch
Error Messages:
-
- “Certificate name mismatch”
- “This certificate is not valid for this domain”
- “NET::ERR_CERT_COMMON_NAME_INVALID”
Causes:
-
- Certificate issued for different domain
- Missing www or subdomain coverage
- Wildcard certificate misconfiguration
Solutions:
-
- Reissue certificate for correct domain
- Use SAN (Subject Alternative Name) certificate
- Configure wildcard certificate properly
- Add redirects from non-matching domains
3. Expired Certificate
Error Messages:
-
- “This site’s security certificate has expired”
- “Certificate expired”
- “NET::ERR_CERT_DATE_INVALID”
Causes:
-
- Certificate past expiration date
- System clock incorrect
Solutions:
-
- Renew certificate immediately
- Set up auto-renewal (recommended)
- Check server/client system time
- Update certificate on all servers
4. Certificate Not Yet Valid
Error Messages:
-
- “This site’s security certificate is not yet valid”
- “Certificate not valid until future date”
Causes:
-
- System clock incorrect
- Certificate installed before valid date
- Time zone configuration issues
Solutions:
-
- Verify server time and time zone
- Check certificate valid-from date
- Synchronize server clock with NTP
5. Mixed Content Errors
Error Messages:
-
- “Page not secure” despite SSL certificate
- “Mixed content blocked”
- Partial HTTPS lock icon
Causes:
-
- Loading HTTP resources on HTTPS page
- Hardcoded HTTP URLs
- Third-party services not using HTTPS
Solutions:
-
- Update all URLs to HTTPS
- Use protocol-relative URLs (//)
- Enable HTTPS redirects
- Review third-party integrations
6. Certificate Chain Issues
Error Messages:
-
- “Certificate chain incomplete”
- “Unable to verify certificate”
- “Certificate path incomplete”
Causes:
-
- Missing intermediate certificates
- Incorrect certificate installation order
- Server misconfiguration
Solutions:
-
- Install complete certificate chain
- Verify intermediate certificates
- Check certificate bundle configuration
- Use our onlie free SSL checker tool
7. Weak Cipher or Protocol Errors
Error Messages:
-
- “Connection not secure”
- “Obsolete cipher suite”
- “Protocol not supported”
Causes:
-
- Outdated SSL/TLS protocols (SSL 2.0, 3.0)
- Weak encryption ciphers
- Server configuration issues
Solutions:
-
- Enable TLS 1.2 and 1.3
- Disable weak ciphers (RC4, DES)
- Update server SSL configuration
- Use Mozilla SSL Configuration Generator
Quick Diagnostic Tools
Online Checker:
Command Line:
# Check certificate details
openssl x509 -in certificate.crt -text -noout
# Test SSL connection
openssl s_client -connect domain.com:443
# Check certificate expiration
echo | openssl s_client -connect domain.com:443 2>/dev/null | openssl x509 -noout -dates
Browser Tools:
-
- Chrome DevTools Security tab
- Firefox Certificate Viewer
- Browser certificate details (click padlock icon)
Prevention Best Practices
-
- Monitor Expiration: Set up alerts 30-60 days before expiry
- Auto-Renewal: Use tools like Certbot for Let’s Encrypt
- Regular Testing: Monthly SSL health checks
- Certificate Management: Maintain inventory of all certificates
- Proper Documentation: Keep certificate details recorded
- Staging Environment: Test certificate changes before production
Emergency Response
-
- Identify Error Type: Use browser/diagnostic tools
- Check Certificate Status: Verify expiration and validity
- Review Recent Changes: Any server or DNS modifications
- Test from Multiple Locations: Rule out local issues
- Have Backup Plan: Keep emergency contact info for CA support
When to Contact Support
-
- Certificate appears valid but errors persist
- Multiple certificate types attempted without success
- Server-level configuration issues beyond your expertise
- Need help with enterprise certificate management