IT Blog

Cyber Security General Info IT Support

Common SSL configuration issues leading to non-compliance

Your website is a key part of your business and it is a place that your customers will come when they want to get in touch with you, learn more about what you can offer and just generally get a feel for your business.

With such importance placed on your website, the last thing that you are going to want is to find that it doesn’t work as it should, or even worse, that it is flagged as not providing a secure connection. If a customer sees an SSL connection error on your website when they connect then they are going to be wondering if they can actually trust it to be secure and safe and then they may even go elsewhere.

Not exactly ideal for you as a business.

The best thing that you can do when it comes to SSL issues is to learn more about them and when you know which are the most common place, then you can start to think about how you can go about fixing them.

The browser doesn’t trust your certificate

There are a variety of browsers out there that you can use when you surf the web. Chrome, Firefox, Safari and Internet Explorer are just a few of them. These browsers are built to recognise trusted root SSL certificates which are issued by the regulated Certificate Authorities. If the browser detects that the SSL certificate has not been signed by one of the trusted authorities then it will signal to the visitor that it is not safe and show a SSL error.

There is no intermediate SSL certificate

When a website has an SSL certificate added it needs to have all the intermediates installed too. If not, then it will definitely mean that you will see the dreaded “Certificate is not trusted” error. In order to ensure that this doesn’t happen, when the certificates are installed it is vital that proper configuration is followed, that the root certificate and the intermediate certificate is there too. Something that you may need expert help in doing.

The certificate is self-signed

Some SSL errors are caused by the website owner creating and signing their own certificate. This is often the case when they want to save money and will usually be seen on developmental stage servers. However, these are not appropriate for commercial websites that will be visited by customers, and they will be flagged as not being secure. Usually for the right reasons.

The SSL certificate has a name error

When you want to create a HTTPS connection, you need to make sure that the SSL certificate matches the domain name that appears in the URL bar. If it doesn’t then the browser is going to think that the SSL certificate doesn’t correlate to the website and flag it as not being secure. The most common reason that this particular error occurs is because you have created the SSL certificate for your website as it is typed in www.mywebsite.com, however your visitor comes to the website by typing in mywebsite.com. You need to make sure that you cover both scenarios if you want to ensure that your website is as secure as it can be.

Ensuring that your SSL is right can be a headache, but we can promise you that it is one of the most important things that you can do for your business and its online presence.