How to Fix a Website Security Certificate (SSL) Error?

How to Fix a Website Security Certificate (SSL) Error?

You just built your first website. You did a great job with the design, and you shared the link on your social media and with your friends. But oh no! When your friends click on it, browsers like Chrome and Firefox say that your site is not safe and won’t let anyone in.  

server security certificate not valid

Some users may be able to open your website, but there is a ‘Not Secure’ label before the domain name. Sometimes, this problem may pop out randomly on a site that has been running well for some time. You don’t know what to do but fret not. Read on for solutions.

How to Fix An Unsecure Website?

First of all, you need to install a SSL Certificate. SSL stands for Secure Socket Layers. A website needs an SSL Certificate to encrypt and decrypt the data that comes in and goes out. To encrypt data means that data is converted into codes and to decrypt means to convert the code back into data.

So why a SSL Certificate?

A SSL Certificate makes sure that hackers can’t steal the information that users enter into your website.

It generally has a validity period of 1-2 years, so you may need to renew it if you already bought it before and the error shows up.

How Does a SSL Certificate Work?

Let us say that you have an e-commerce website. You sell something, for example, shoes.

Your customer needs to enter their name and payment information to buy those shoes from you. That entered information will travel through the internet lines.

It will be a problem if a hacker intercepts the information before it reaches your website. A SSL Certificate helps avoid that situation.

As someone enters their data in a website, the SSL Certificate turns it into code in the browser itself. The code then travels through the internet and reaches the website. Only then is it reconverted to data.

Thus, even if a hacker tries to steal your user’s info, they will only get a code, which is impossible to decrypt without the SSL certificate. Different SSL Certificates encrypt data in different ways.

Each SSL Certificate has two keys, a public key used on the browser, and a private key for the server.

Remember, a server also encrypts data before sending to the client (user), which is decrypted in the browser with the public key.

With an SSL Certificate, you get a ‘https’ before the name of your website instead of only ‘http.’ Furthermore, you also get a green padlock before the domain name.

padlock

A green padlock before the domain name indicates that the website has a SSL certificate.

Keep in mind that a SSL Certificate isn’t only necessary for security but also for SEO. You must have one to get a good ranking on Google.

 

How SSL certificate works
Source: www.entrustdatacard.com

 

Fixing Website Certificate Error: What are the Types of SSL Certificates?

These are the types of SSL Certificates:

1. Domain Validation SSL Certificate 

A domain validation SSL Certificate is for a single domain. It provides a minimal level of encryption.

Your website will get an ‘https’ authentication and a padlock before the domain name.

To get a domain validation certificate, all you need to do is call or email a certificate provider, and prove that you have legal ownership to the blog or the site. It generally takes a few minutes to get a DV SSL.

A Domain Validation SSL Certificate is only recommended for blogs and websites where there aren’t many financial transactions.

2. Organization Validated SSL Certificate

An Organization Validated SSL Certificate verifies two things:

  • The organization that has been running the website exists.
  • The company has the legal rights to use the domain name.

With an organization validated SSL Certificate, users can be sure that they are doing business with a legitimate company. Organization Validated SSL Certificate takes more time to be issued as compared to other DV Certificates because the certificate provider has to go through all the registration documents and licenses of the company that requested it.

3. Extended Validation SSL Certificate

An extended Validation SSL certificate is especially needed by established brands to provide phishing protection. Phishing means creating a malicious website pretending to be someone else so that you can steal information.

Padlock on a secured site

secured site

Extended Validation SSL Certificate shows the name of the organization that has the SSL Certificate in the address bar.

Google Chrome doesn’t show the name of the organization in the address bar, but you can view the company details by clicking on the padlock button.

So, why would you buy an Extended Validation Certificate in the place of an Organization or Domain Validation Certificate?

Paypal uses Extended Validation Certificate. It is the biggest online paying platform.

Lets say that there is a website called ‘paypalll.com.’ It sounds similar to ‘paypal.com,’ but the website can still get an SSL Certificate, as long as a person can prove they legally own the domain. 

The website ‘paypalll.com’ can pretend to be ‘paypal.com’ and steal money from people. However, if the name of the company is in the address bar of the browser, users can be assured they are visiting the website of the legitimate company.

In some cases, the name of the company and the domain name may not be the same. So, an Extended Validation Certificate is a way of telling users who is the owner of the website.  

Comodo SSL Store

In this screenshot, the domain name says Comodo SSL Store, but the store is owned by a company called Rapid Web Services.

4. Wildcard SSL Certificate

A Wildcard SSL Certificate provides https authentication for a domain and all of its sub-domains.

For example, your website name is yourwebsite.com. You can use a Wildcard SSL Certificate to authenticate its subdomains like:

mail.yourwebsite.com

www.yourwebsite.com

blog.yourwebsite.com

health.yourwebsite.com

and so on.

A Wildcard SSL Certificate can be Domain Validated or Organization Validated.

 

WildCard SSL Certificate 

Image: How Wildcard SSL Certificate Works 

Source: https://www.ssl2buy.com/wp-content/uploads/2016/07/wildcard-ssl.png

5. Multiple Domain SSL Certificate

Some organizations can have more than one domain name. Generally, a multiple domain SSL certificate secures up to 100 domains and subdomains.

For example, you can secure all of these with multiple domain SSL certificates:

Yourdomain.com

Yourdomain.org

Yourdomain.com.my

Mail.yourdomain.my

Yournextdomain.com

Multiple Domain SSL Certificate can be Domain Validated, Organization Validated, and Extended Validated.

How to Install an SSL Certificate on Your Website?

1. Get a Dedicated IP Address

An IP Address is the address of a device on the internet. Getting a dedicated IP Address for your website means getting a dedicated device to host your website (store your website information).

Well, even if you use shared hosting, you can ask your hosting provider for a dedicated IP address. This generally costs some fee.

In case you have a VPS or a Web Server, you can see your dedicated IP address in your hosting account. Here are the links for finding your IP Addresses in Godaddy, Hostgator, Bluehost, Hostinger, and GreenGeeks

On the other hand, if you use cPanel, you can know your IP Address by clicking on Statistics on the left-hand side of cPanel and clicking on Server Information.

2. Choose a SSL Certificate Provider

Remember, these days, many web hosting providers package free SSL certificates with their product so you should ask if your hosting already has a certificate. If the answer is yes, they will also tell you how you can install it. 

If not, here are some of the most popular SSL Certificate providers:

a. Let’s Encrypt

Let's Encrypt

Let’s Encrypt provides SSL certificates for free. They are more of an initiative rather than a for-profit company. Let’s Encrypt wants to make sure that website security is accessible for everyone. The organization recently issued its billionth certificate on February 27, 2020. 

Remember, Let’s Encrypt only provides Domain Validation Certificates.

Official Website: https://letsencrypt.org/

b. Comodo SSL 

Comodo SSL Store provides everything from Domain Validation to Extended Validation Certificates. There are a lot of pricing options, and some are very affordable, with some EV Certificates starting at only $80 per year.

comodo ssl certificate

The good thing about Comodo is that they will install your SSL Certificate for you. Furthermore, they have excellent customer support and various tools that help you decode and fix website certificate errors by ensuring that the SSL certificate has been installed properly.

Official Website: https://ssl.comodo.com/

c. Digicert

digicert

Digicert provides services ranging from basic DV certificates that only show the padlock to EV and OV certificates that come with Antivirus and Malware checker, Norton Seal, and even a warranty of up to $1.75 million.

They also have a tool called the Digicert Central that helps you to manage certificates on your domain and subdomain and also check their validity, expiration date, status and so on.

Official Website: https://www.digicert.com/

d. NortonLifeLock (Symantec)

NortonLifeLock

Previously known as Symantec, NortonLifeLock is a Fortune 500 company based in California, USA, which provides many data security-related services; SSL being one. NortonLifeLock offers OV and EV certificates at a fair cost and great customer support and security from Norton. They are mostly suited for SMEs and established corporations rather than individual creators.

Some features include 24/& Customer support, Norton Secured Seal, Daily Malware scanning, and warranties that can go up to $1.5 million.

Official website https://securitycloud.symantec.com

e. RapidSSL

RapidSSL

Also known as Geotrust, Rapid SSL is an affordable solution for smaller websites that need DV SSL. The price is only $30 a year, and you get 24/7 customer support, along with a warranty of up to $500K. Apart from DV, they also provide OV and EV, at affordable prices of $83 and 4176 respectively.

Rapid SSL may not be as fancy in terms of features, but it is affordable, and it gets the job done. They don’t compromise on the security whatsoever. 

Official Website https://www.rapidssl.com/

f. Cloudflare SSL Certificate

Cloudflare

Cloudflare is a service that primarily provides Content Delivery Network (CDN), DDOS Mitigation, Internet Security, and Distributed Domain-Name-Server services. SSL Certificate is more like an ‘add-on’ to their service plans which also consists of DDOS attack mitigation, lossless image optimizations, automatic mobile optimizations and so on.

One thing to note about Cloudflare is that you can connect your website to their service and directly get a SSL certificate without having to install it manually. There are both free and paid plans.

Here are the official guidelines https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates#h_30e5cf09-6e98-48e1-a9f1-427486829feb on how you can enable Cloudflare on your website. 

Official Website  https://www.cloudflare.com/

3. Install the SSL Certificate

This is where it gets a little complicated. You see, different hosting providers have different dashboards and processes for installing SSL. So, it will be best for you to contact your hosting provider for the job.

If you still want to do it by yourself, here is how you can install an SSL Certificate in cPanel.

Step 1: Login to your cPanel Account.

Step 2: On the main page, scroll down until you see SSL/TLS Manager under Security Tab.

Security Tab in Control Panel

Step 3: Go back to the SSL/TLS Manager and then to Manage SSL Sites (at the bottom)

Manage SSL site

Step 4: Select the domain where you want to install your SSL certificate.

Select Domain

Step 5: Along with your SSL Certificate, the provider will also give you a txt file. Copy the content of the file to the CA Bundle Section (Scroll Down).

How to Fix a Website Security Certificate (SSL) Error? 1

Step 6: Click on Install Certificate.

That’s it. All you need to do to fix a Website Certificate error is properly install a SSL Certificate. 

Conclusion: With more than 1.5 million phishing sites being created every year https://blog.dashlane.com/phishing-statistics/ and more than 32.6% of websites having inadequate security measures to ward off hackers https://www.ssllabs.com/ssl-pulse/, it is only practical for browsers such as Google Chrome and Firefox to take Website Certificate Error very seriously. 

Having a SSL certificate is a simple yet effective way to make sure users feel safe on your website. All you need to do is choose your certificate type and a provider that fulfills your needs. Don’t forget to renew your certificate when it expires!