When you visit a particular website on your browser, you might receive an error message preventing you from visiting the website. These error messages have headlines stating that your connection might not be private or the site you are trying to visit is not secure.
These messages are frustrating not only for the users visiting the website but also the website owners. These errors come because of SSL/TLS certificates. Some misconfiguration with the SSL certificate might cause these errors.
You might be interested in reading blog post on How to Fix Firefox Connection is Not Secure Error (All Common Errors)
Common SSL Certificate Error Message
If you made upto this blog post, then it’s highly possible that you’re also facing a similar issue on your default web browser. To help you out, we decided to cover a detailed blog post, covering all the common SSL Certificate error messages accompanied by solutions that you can get when visiting a website with misconfigured SSL or if it’s not secure to visit.
SSL Certificate Expired
If the SSL certificate of the website is expired, then you might get the error message stating that the clock is either set to the wrong time or the website is misconfigured.
As per the guidelines, any SSL certificate given to a website cannot have a lifespan of more than 398 days. If you are visiting a website that shows an SSL certificate expire message, then that means the website owner will have to renew the SSL certificate of their website.
Error code displayed on different browsers for this error-
- Chrome- NET::ERR_CERT_DATE_INVALID
- Firefox- SEC_ERROR_EXPIRED_CERTIFICATE
- Edge- DLG_FLAGS_SEC_CERT_DATE_INVALID
- Safari- It displays an error message ( Safari warns you when a website has an expired certificate)
If this error is encountered, then the website owner must renew the SSL certificate of the website. However, users can try changing the date and time of their device. Many times this error can occur not because of an expired certificate but because of misconfigured date and time.
Domain Name Does Not Match Certificate
If you receive an error message that the certificate is invalid for the domain, it might be because the website you are trying to visit does not match the certificate. This error is encountered by users when someone is trying a phishing attack or the user visits a fake website.
Sometimes, the name mismatch error or the domain name does not match the certificate may be due to a simple mistake you did while typing the website. For instance, if the certificate is registered for www.domain.com and you are trying to visit http://domain.com then you might get this error.
Different browsers may display different error code for the message such as-
- Chrome – NET::ERR_CERT_COMMON_NAME_INVALID
- Firefox – SSL_ERROR_BAD_CERT_DOMAIN
- Edge – DLG_FLAGS_SEC_CERT_CN_INVALID
- Safari – Headline is displayed (The connection is not private), click on the view certificate link will let you confirm that the domain name does not match the certificate.
If you encounter this error make sure you are entering the legit website. If the website you are visiting has a domain name that does not match the certificate, you must try not to visit the website. As a website owner, you must make sure that the common name in the certificate matches the domain.
Incomplete Chain Of Trust
When visiting a website, if you get an invalid authority error message, it might be because the webserver is not having a complete chain of trust. If all the necessary certificates are not properly installed, then you can encounter this error.
This error usually occurs when the website you are visiting has SSL signed from an untrusted company. The browser has a list of the certificate authority (the company that signs the SSL certificate). When you visit the website, the SSL certificate is checked in the list, and if the browser does not found the certificate authority in the list, then it may display the certificate not trusted error.
- Chrome – NET::ERR_CERT_AUTHORITY_INVALID
- Firefox – SEC_ERROR_UNKNOWN_ISSUER
- Edge – DLG_FLAGS_INVALID_CA
- Safari – Click on the view certificate button, and the message regarding the certificate not trusted will be shown.
You must ensure that the complete chain is installed on the website. Also, ensure that you are getting an SSL certificate signed by a legit certificate authority.
The revoked certificate error message is encountered when the SSL certificate was revoked before the expiration date. The SSL certificate might have been revoked due to server compromise or some compliance issues with adhering to the policy.
- Chrome – NET::ERR_CERT_REVOKED
- Firefox – SEC_ERROR_REVOKED_CERTIFICATE
- Edge – ERROR_INTERNET_SEC_CERT_REVOKED
- Safari – Click on the view button to view the error message. In this case, it will be certificate is revoked.
In this case, you must get a new website certificate that is linked to publicly trusted root and intermediate certificates that are completely valid.
Mixed Content Error
This error may occur if your website is loading an element from an insecure page. When the website (https://www.domain.com) is loading an element from an insecure website (http://www.yoursite.com), then you might encounter this error.
The element can be anything such as an image, animation, or a snippet. Even the smallest element loaded from an unsecured page or website may cause your browser to display the error message.
In this case, you must check whether the SSL is installed or not. You will have to configure the page to force the HTTP request. You will also have to change your website address from HTTP to HTTPS if it was not already.
Generic SSL Protocol Error
Generic SSL protocol errors can occur due to multiple reasons, and it is considered the trickiest to solve among all the other SSL errors.
The error may occur due to an SSL certificate that is not properly formatted, and the browser is finding it difficult to parse. Another reason for this error message to appear may be because of the certificate not being properly installed.
The use of outdated encryption algorithms and firewalls interfering with the SSL can be another reason for this reason to appear.
In case, you’re seeing this error message while surfing particular blog post, then we recommend users to contact them and share information about the error message, because it is possible that the webmaster might not aware it.
We hope this blog post will help you understand different types of SSL error messages that you might encounter while browsing the internet, and also helped you understand how to fix them.
However, if you’re a webmaster and the fixes suggested in this blog post don’t solve your problem, then you must contact your web hosting provider to check what is the issue.
In case, you know any other solution to fix SSL error messages mentioned in this blog post that we fail to cover, then feel free to comment.