The SSL certificate for this website is not trusted

Feb 3, 2017

Resolution

‘Untrusted' errors are usually caused for one of two reasons:

Site uses a self-signed certificate

In many cases, this is because the website is using what is known as a 'Self Signed Certificate'. As the name suggests, a self-signed certificate is one that the website owner has generated and signed for themselves using their webserver software. Therefore, the certificate is not associated with any 'trusted root' in the browser's certificate store and the browser will display an 'untrusted' error.

 

Intermediate certificate(s) not installed

Another potential reason for the 'Untrusted' error is because the website administrator has not correctly installed all intermediate certificates on their webserver. The following example provides a better illustration of this issue:

 

 

The Diagram shows the chain of trust that the internet browser will use to verify the certificate. The trusted root certificate has signed the Intermediate certificate which has in turn signed the Website certificate.

When a visitor makes a connection to website, the webserver should present both the website certificate AND the intermediate certificate to the visitor's browser. The browser will then be able to check all certificates in the chain back to the root certificate. Most certificate authorities will send a bundle file to the website owner which contains all required intermediates along with the end-entity/website certificate. However, if the webserver admin doesn't install all intermediates, then users will see a 'certificate not trusted' message.

Have any Questions

If you have any questions, feel free to call us