Guide to Troubleshooting SSL
An SSL is a secured cryptographic protocol for authenticating and encrypting data and communication over a network. Most online users tend to search and click on sites with HTTPS on them because they feel safer on sites encrypted with SSL, which keeps their sensitive information, such as payment details and passwords, safe. That's how important SSL certificates are. Plus, that lock icon and HTTPS in the browser's address bar will look cool on your website!
So, you already got your SSL certificate, but your site keeps getting that SSL certificate errors and unsecured warning notifications? There are various reasons why your website is still showing these SSL errors.
This article will discuss the common causes of SSL certificate errors and what you can do to resolve them.
Common SSL Certificate Errors
- The Site is Not Redirecting to HTTPS ⤵
- DNS-related Issues ⤵
- Mixed Content Error ⤵
- SSL Certificate Renewal Error ⤵
- Common Name Mismatch Error ⤵
The Site is Not Redirecting to HTTPS
When you purchase an SSL certificate for your website, you have to ensure to "force" or enable the HTTPS on your website. If not, your site will not "redirect" to HTTPS. Depending on how your site was created (WordPress, Joomla, etc.), there are many ways to enable HTTPS on a website.
Please see the instructions in the following articles to know how to force HTTPS on your website.
- How do I Use my SSL Certificate? - If you're using paid SSL certificates, this article will guide you in redirecting your site to HTTPS.
- How to Get and Enable Your Free SSL Certificate - If you're using the Free Let's Encrypt SSL, this article will give instructions on forcing HTTPS on your website.
- WordPress HTTPS (SSL) Plugin - If you're using WordPress, here is a guide on managing HTTPS connections using plugins.
If your domain's DNS has not fully propagated or properly connected to your host's servers, your site may not redirect to HTTPS properly. Once SSL is installed on your domain and you enable HTTPS, your site will appear secure, so it is important to properly configure your DNS records ahead of time. Please check out the following article for instructions on managing your DNS records.
If you're using the HostGator Free Let's Encrypt SSL, your domain must be connected to your HostGator servers, and you've forced the HTTPS on your website. For more information on forcing HTTPS on your site while using the Free Let's Encrypt SSL, please visit the following article.
If you're using SiteLock and have enabled its CDN feature, your SSL may stop working. In this case, you need to configure your SSL to work with your SiteLock's CDN. To guide you with this task, please follow the instructions in the following support guide.
Mixed Content Error
If you've already forced the HTTPS on your website, but you're getting a mixed content warning, that means your website (with HTTPS) is trying to load an element, such as an image, from an unsecured file path/webpage (without HTTPS). Your website may appear broken to users if these elements don't load properly.
In most cases, the mixed content warning can be resolved by fixing the links of your web elements (for example, pulling content from a secured webpage).
To resolve a mixed content error:
- Identify the mixed content on your website by searching for "http://" URLs on your site's source codes. You may also use an online SSL checker tool such as https://www.ssl2buy.com/wiki/why-no-padlock to get a list of URLs with "http://."
- Once you've identified the elements that are not in HTTPS, fix the element's URL to use the HTTPS protocol. Often, the element's HTTPS version already exists and only requires adding an "s" to its URL (from http:// to https://).
- If your pulling an element from an external resource (or webpage) that is not in HTTPS, consider moving the element to a different host that serves the HTTPS version.
- If unsecured elements are found in a WordPress site, use a plugin to enable HTTPS. Here is an article to guide you with this task.
SSL Certificate Renewal Error
This error pops up when the website's SSL certificate expires. You may want to renew your SSL certificate before its expiration date to avoid a day on your website without SSL. If you're using a third-party SSL, you may need to get that reinstalled on your website here at HostGator. Please see the following articles to learn more about managing and renewing SSL certificates.
If you're still getting an SSL certificate not trusted error, the SSL certificate could have been installed incorrectly. If this happens, see if you can get a new Certificate Signing Request (CSR) from your server and request for re-issuance from your SSL certificate provider.
Common Name Mismatch Error
Depending on your browser, this SSL error will show different warning pages. This happens when your SSL certificate's common name or SAN value does not match the domain name. This can be a result of incorrect server settings or incorrect data when installing an SSL certificate. It is also possible that your site is using a self-signed certificate instead of an SSL certificate provided by a valid provider. For example, your SSL certificate is registered for "www.hgexample.com," so if your website is accessed as "https://hgexample.com" (without www), you'll see the name mismatch error. The error will pop up when trying to pull up a site other than the one for which the SSL certificate was issued.
Site Still Not Secured?
To check the status of your SSL certificate, SSL type, expiry date, and certificate hostname and confirm which server your SSL was installed on, go to these external SSL checker tools: