Deploying ssl certificates for websites is the choice of many webmasters, preventing hijacking, tampering, and theft, and protecting data privacy and security. In the process of deploying ssl, there will be many problems, such as the server ssl certificate is invalid, so what causes this? How to solve this problem?
1. The page contains unsafe content
At present, every page is advocated to use https, so all content of the website must be https. If you encounter pictures, JS scripts, and the FLASH plug-in is called through http, a prompt that the SSL certificate is invalid will occur.
Solution: Change the called element http to https, and then refresh to test whether the SSL problem has been resolved.
2. Use a self-signed or poorly universal SSL certificate
A self-signed SSL certificate is a certificate issued by an individual or organization itself. They are a big security risk, are more vulnerable, and are not trusted by browsers. Similarly, the poor generality SSL certificates issued by small service providers are not trusted by browsers. Because the top layer of the certificate trust chain is the CA organization, and these small service providers lack the credibility of the CA organization, are not trusted by the browser, and will prompt that the SSL certificate is invalid.
Solution: Choose a CA organization that has passed the certification of the international Webtrust standard and has international electronic certification service capabilities.
3. The domain name contained in the SSL certificate does not match the URL
The domain name corresponding to each SSL certificate is unique and is a full domain name FQDN. When the domain name contained in the certificate issued by the website is inconsistent with the domain name of the website, the system will automatically issue a report indicating that the domain name of the certificate does not match, which is also one of the common reasons for invalid SSL certificates.
Solution: You need to re-apply for the SSL certificate. If multiple domain names need to be protected, you need to apply for a multi-domain SSL certificate or a wildcard SSL certificate.
4. The website certificate has expired or has not yet taken effect
This kind of situation is usually due to the wrong date of the computer system. The other is that the certificate has expired and needs to be renewed.
Solution: You can check the effective start and end dates of the certificate information to determine whether the certificate is within the validity period, and if so, check whether the computer date is correct. Otherwise, the second reason is that the SSL certificate is not valid and needs to be replaced. To replace the SSL certificate, you can find the original SSL certificate application organization, or you can find another SSL certificate authority to re-apply for a new SSL certificate. Using a new SSL certificate will not have any impact on your HTTPS website.