Tech Newbie: Certificate Error on Website

14 replies
I am totally a tech newbie and so I was wondering if someone could possibly help me on this. I had a few websites designed but I have not gotten around to putting content on them yet. Well, yesterday when I went to work on one of the websites when the website popped up I got a pop up message from IE saying "To help protect your security Internet Explorer has blocked this website from displaying content with security certficate errors."

What does this mean and what can I do to get rid of this? I have all the domains on the same Hostgator account and every site that has been designed using wordpress is showing this. Thanks for the help.
#certificate #error #newbie #tech #website
  • Profile picture of the author seasoned
    What you want to do is harder then you might think.

    The way it works is that you specify a domain name, it then registers the IP, uses the IP to resolve the site, and then checks THREE THINGS!

    1. Is the domain name IDENTICAL!(Amazon. com and www. amazon. com are DIFFERENT!)
    2. Is todays date valid?
    3. Is the C/A recognized as valid.

    BTW REALIZE that if the website is amazon.com, and the certificate is Amazon. com, and you access it as www. Amazon. com, it will FAIL! Because the ip resolved site will be amazon. com.

    ANY failure in the above by default will give the error you got. So WHAT do you have to do?

    1. Decide on the domain names!
    2. Get a SEPARATE IP address for EACH domain to use HTTPS protocol.
    3. Get a request certificate for each domain.
    4. BUY a SEPARATE Certificate for each domain name from a RECOGNIZED C/A
    5. Install them on the domains.
    6. use ONLY the domains they are for, if you are using HTTPS.
    7. NEVER use HTTP on any page that is accessed via HTTPS(as it will give a warning)

    Steve
    {{ DiscussionBoard.errors[1698975].message }}
  • Profile picture of the author Keith Choy
    Originally Posted by TiffanyB View Post

    I am totally a tech newbie and so I was wondering if someone could possibly help me on this. I had a few websites designed but I have not gotten around to putting content on them yet. Well, yesterday when I went to work on one of the websites when the website popped up I got a pop up message from IE saying "To help protect your security Internet Explorer has blocked this website from displaying content with security certficate errors."

    What does this mean and what can I do to get rid of this? I have all the domains on the same Hostgator account and every site that has been designed using wordpress is showing this. Thanks for the help.
    Hi Tiffany,

    Are you trying to access your own website through https:// ...?
    Usually, you use this only for secured access to your website (eg. for purchase). If not, you may have activated it by mistake in your cpanel.

    If yes, there are 2 possible reasons:

    1. You may be using a private SSL cert. You just click on "continue" on your web browser to continue. No major issue if this access is for your own personal use only. However, if this is meant for views by the public, you may want to consider installing a public SSL cert. You may want to contact your webhost to check on this.

    or

    2. The SSL cert CA provider has just updated their CA and this information is not updated in your web browser. By doing a patch (ie. Microsoft OS patches), most of the time, this will resolve the problem. Happen to 2 of my sites.

    Hope this helps.

    - Keith Choy
    {{ DiscussionBoard.errors[1699233].message }}
    • Profile picture of the author seasoned
      Originally Posted by Keith Choy View Post

      2. The SSL cert CA provider has just updated their CA and this information is not updated in your web browser. By doing a patch (ie. Microsoft OS patches), most of the time, this will resolve the problem. Happen to 2 of my sites.

      Hope this helps.

      - Keith Choy
      I have NEVER seen this happen, and it would be a DISASTER if it ever did. AND, you can't simply "do a patch". WHY? Because it affects only YOUR client. If you ask new customers to do it, they may not trust the whole thing. Maybe YOUR problem, keith, is that you are not using an ESTABLISHED C/A!

      BTW if you DO ask them to patch, make sure the patch is DIRECTLY from M/S to them.

      Steve
      {{ DiscussionBoard.errors[1700527].message }}
      • Profile picture of the author dwatrous
        Can you post a link to the site that's giving you the errors. It would be pretty easy to identify the problem if I could look at it. I'll take a look once you post a link and let you know what I find.
        {{ DiscussionBoard.errors[1700782].message }}
      • Profile picture of the author Keith Choy
        Originally Posted by seasoned View Post

        I have NEVER seen this happen, and it would be a DISASTER if it ever did. AND, you can't simply "do a patch". WHY? Because it affects only YOUR client. If you ask new customers to do it, they may not trust the whole thing. Maybe YOUR problem, keith, is that you are not using an ESTABLISHED C/A!

        BTW if you DO ask them to patch, make sure the patch is DIRECTLY from M/S to them.

        Steve
        Hey Steve,

        Sorry. Only saw this post now.

        Yes, this did happen and no it is an established CA.

        It was not a major event as all service providers usually update Microsoft way in advance to include their latest changes as part of their regular monthly patch. So in a way, it is transparent to end-user. This happen to our case our vendor did not include this patch was in our latest rollout patches to the user base (yap, naturally the vendor got a dressing down).

        Anyway, not a major show-stopper. Just an annoyance to the user to see a pop-up.

        Next time, you get your Microsoft patches, read through them and you will notice some of info within.

        - keith choy
        {{ DiscussionBoard.errors[1731039].message }}
  • Profile picture of the author seasoned
    Remember the 3 requirements I gave you earlier? Well, HERE is your problem!

    The certificate is for diythemes.com, and thus violates #1!
    The certificate is from diythemes.com which is NOT a recognized C/A, and thus violates #3!

    Remember the point #7 I listed in the second part? I slipped up! I said NEVER use HTTP on an HTTPS page. I should have ALSO said NEVER use HTTPS on an HTTP page. THAT is what YOU are doing for: The Thesis Theme from Chris Pearson and DIYthemes. Go to an HTTP: page, as opposed to HTTPS!!!

    BTW you did NOT get hacked! This was an ad you put up. BECAUSE you are loading the image, the warning is being issued. You can provide a LINK to an HTTP page from an https page, you can provide a link from an HTTPS page to http. You can link within the same domain names area. If you do ANYTHING else(when one side is https)! ANYTHING! Run a script, display a graphic, etc... you will get this error!

    Steve
    {{ DiscussionBoard.errors[1701315].message }}
    • Profile picture of the author TiffanyB
      Originally Posted by seasoned View Post

      Remember the 3 requirements I gave you earlier? Well, HERE is your problem!

      The certificate is for diythemes.com, and thus violates #1!
      The certificate is from diythemes.com which is NOT a recognized C/A, and thus violates #3!

      Remember the point #7 I listed in the second part? I slipped up! I said NEVER use HTTP on an HTTPS page. I should have ALSO said NEVER use HTTPS on an HTTP page. THAT is what YOU are doing for: The Thesis Theme from Chris Pearson and DIYthemes. Go to an HTTP: page, as opposed to HTTPS!!!


      Steve
      Was this something that was done by the person who designed the site using the Thesis theme? I am pretty much lost since I did not design the site and really know nothing about this.
      {{ DiscussionBoard.errors[1701331].message }}
      • Profile picture of the author seasoned
        Originally Posted by TiffanyB View Post

        Was this something that was done by the person who designed the site using the Thesis theme? I am pretty much lost since I did not design the site and really know nothing about this.
        Well, you got past the problem. I guess you could have bought the template with the ad. Some people give free templates, or reduce the price, just to place an ad. That IS a common practice. If they tested it on their https accessed system, they would not have seen the warning.

        But HEY, the idea is to get something close to what you want, and flesh it out like you want.

        Steve
        {{ DiscussionBoard.errors[1701391].message }}
        • Profile picture of the author TiffanyB
          Originally Posted by seasoned View Post

          Well, you got past the problem. I guess you could have bought the template with the ad. Some people give free templates, or reduce the price, just to place an ad. That IS a common practice. If they tested it on their https accessed system, they would not have seen the warning.

          But HEY, the idea is to get something close to what you want, and flesh it out like you want.

          Steve
          The ad for Thesis theme did not come with the template and I was able to delete it from all of the websites and they are working fine now. The designer who customized the Thesis theme for me put it there to just show how to change the ad code for the boxes.

          Thank you so much for your help. I really appreciate it!
          {{ DiscussionBoard.errors[1701709].message }}
          • Profile picture of the author seasoned
            Originally Posted by TiffanyB View Post

            The ad for Thesis theme did not come with the template and I was able to delete it from all of the websites and they are working fine now. The designer who customized the Thesis theme for me put it there to just show how to change the ad code for the boxes.

            Thank you so much for your help. I really appreciate it!
            You're welcome. I'm glad to help.

            BTW I don't know if you know, but https basically gets the visitor's system to encrypt the code in a way that only YOUR system can decrypt it and vice/versa. It is used for secure things, like credit card info, so a person sniffing(internet version of a wiretap) sees only GARBAGE. SO, though you don't need it NOW, you may later. So you learned some things anyway. It wasn't a total waste of time.

            Steve
            {{ DiscussionBoard.errors[1701866].message }}
  • Profile picture of the author seasoned
    Keith,

    The C/A(authorized or not) did a HORRIBLE thing! Verisign gets a PREMIUM price for their certs, and people have paid almost $1000 for what they could get for FREE! WHY!?!? Because they don't have to do the impossible.

    You don't THINK it is a show stopper. You THINK it is only an annoyance. Your job is NOT to convince ME, but perhaps MILLIONS this happens to. For each one you fail to convince, you may lose a sale. And the REALLY bad thing is that most will NEVER give you a chance to convince them, and you may NEVER hear of it. They simply go to a competitor, or lose interest.

    AND, if they have M/S change anything, they should transition it such that the window of potential failure is TINY.

    Steve
    {{ DiscussionBoard.errors[1731441].message }}
    • Profile picture of the author Keith Choy
      Originally Posted by seasoned View Post

      Keith,

      The C/A(authorized or not) did a HORRIBLE thing! Verisign gets a PREMIUM price for their certs, and people have paid almost $1000 for what they could get for FREE! WHY!?!? Because they don't have to do the impossible.

      You don't THINK it is a show stopper. You THINK it is only an annoyance. Your job is NOT to convince ME, but perhaps MILLIONS this happens to. For each one you fail to convince, you may lose a sale. And the REALLY bad thing is that most will NEVER give you a chance to convince them, and you may NEVER hear of it. They simply go to a competitor, or lose interest.

      AND, if they have M/S change anything, they should transition it such that the window of potential failure is TINY.

      Steve
      hi Steve,

      *smile* If you re-read my post, the problem was with our vendor. They forgot to do the patch to all our office PCs/notebooks even though it was available for months already.

      The fault did not lie with the CA or MS.

      - keith choy
      {{ DiscussionBoard.errors[1740261].message }}

Trending Topics