Types of SSL Errors

An SSL certificate error or security certificate error indicates a problem with HTTPS encryption. You will see this error when connecting to a website using HTTPS,

When you type address in the address bar using HTTPS encryption, websites present certificates to identify that they are legitimate. The certificate authority verifies that name shows in the Cert is the real owner of that website and they are entitled to the certificate. Your browser also checks that the certificate was issued by a known legitimate certificate authority to verify you’re connecting to the website you keyed and not another server pretending to be that keyed website.

When you see a certificate error, this indicates that you’re not necessarily connecting to the real, legitimate website. Viz If you try to access any bank’s website on a public network and see this error, it’s possible that the network is compromised and someone is attempting to pretend you that you are on a legitimate bank website.

Generally, there are two types of SSL errors.

The SSL certificate for this website is not trusted

An internet browser will specify that a website certificate is untrusted if that certificate has not been signed by a legitimate Certificate Authority. In order for a browser to accept a certificate, it must be able to link it to a ‘trusted root certificate’.

There are few common reasons for this to occur:

The SSL certificate on that website expired and currently the domain doesn’t have a valid certificate.

The website is using a self-signed or Private SSL certificate but it is missing its legitimate Certificate Authority certificate.

Certificate Name ‘Mismatch’ error

Among other one common error message that will show up as an SSL certificate domain name issue is a name mismatch error. It occurs if the domain name in the SSL certificate doesn’t match the address in the address bar of the browser.

There are several different possible error messages that come up based on the type of web browser used as well as the version. Some are much more ominous than others and direct the user to leave the site. Others, such as Firefox and Safari point out just what is wrong, but to the general public, the “danger” warning is really all that matters.

This error message also warns off customers because it could also mean that phishers are trying to pass a malicious website as your legitimate site.

However, the issue that most often triggers the name mismatch error is the common name listed on the SSL certificate is not the same as the name that is typed into the address bar on the website. One of the reason may be the common name listed on the certificate might need to include the www, if it was typed in, or the web address without the www for the site has to forward to the www site for the SSL certificate.

Common Name Mismatch Error is a widespread error that occurs when the Common Name or SAN value of your SSL / TLS certificate does not correspond to the domain name. The error message may have different content depending on the browser used.

In Chrome, the error message looks like: “Your connection is not private. Attackers might be trying to steal your information from the URL (for example, passwords, messages, or credit cards)

If you encounter any of the above mentioned or similar error messages, you should not disregard them and proceed further to such a web site. It is most likely that you will eventually end up on a fraudulent site. Recommendations for fixing an error for site owners are given below.

This Post Has 2 Comments

  1. You are so awesome! I do not think I’ve read through something like that before.
    So great to find somebody with a few unique thoughts on this subject matter.

    Seriously.. many thanks for starting this up. This site is something that is required on the web, someone with some originality!

Leave a Reply

five × 4 =