Common SSL Issues to Avoid
Common SSL Issues to Avoid
Common SSL Issues to Avoid

6 Common SSL Issues to Avoid

The last thing a website user wants is to be vulnerable to online attacks. When browsing the web, online security features are a factor in checking whether a website is credible and secure enough to get clicked. Because of this, SSL certificates are already a must-have for online security. It affects not only your credibility but as well as search engine optimisation (SEO). So, for you and your customer’s peace of mind, it’s important to get and install SSL as soon as possible.  

However, SSL errors can still happen as a result of many possible factors. Whenever these errors arise, they can turn a good day into a disaster. As always, prevention is better than cure so we listed some of these errors below so you are aware and can avoid them. 

SSL issues to understand and avoid 

SSL issues to avoid

We know that there are several other SSL issues out there. The list below contains SSL issues that our customers usually deal with. 

Verification Errors 

The most common SSL issue that most webmasters encounter is domain verification. Here’s what they are and how you can avoid them. 

  • Domain verification. This is usually done via email authentication. The certificate authority (CA) sends an email to the contact email address listed in WHOIS about the SSL request. Once the confirmation response is received from the contact email address, you’re done with the validation. Without access to the domain’s contact email, email verification is impossible. 
  • File-based verification. This is the process where you upload the TXT file, provided by the CA, to your root directory. This process can be confusing for those that have many domains in shared hosting. So, make sure to remember this: Your main hosting folder is the public_html. Addon domains will have a domain folder (sampledomain.com) within public_html. For subdomains like test.sampledomain.com, the subfolder test is usually the name of the directory. Note that subdomains can be in either public_html or the domain folder. Verification won’t be successful if you upload to the wrong directory. 
  • DNS verification. On the other hand, you may also do the verification by adding two unique hashes in your CName records. CAs will supply these details. What’s important here is to add the records in the correct DNS zone – where your name servers are hosted. 

You must have access to the listed contact email, upload the required file to the correct directory, and add the CName records in the correct DNS zone for either of the verification methods to work. These are very basic checklists to remember but once overlooked, they can delay the installation process. 

Late Renewals and Expired SSL 

When you forget to renew your SSL certificate and it expires, this is what happens: 

  • Your website will no longer work on HTTPS. 
  • A “Not Secure” warning will show whenever your site is opened.  
  • Encryption of data from a browser to the web server will be disabled.  
  • You and your customers are vulnerable to man-in-the-middle attacks. 
  • It affects your search engine rankings. 

Expired SSL

When communications with your customer through your website is no longer secure, you will lose their trust and it will taint your reputation. In fact, about a hundred thousand website owners fail to renew their SSL certificates resulting in losses. So, make sure to renew your SSL before it expires.  

HTTPS Redirection 

After installing an SSL certificate, make sure to force redirect your website to HTTPS. Website owners usually assume that once the SSL is installed that’s it. However, it is important to redirect the website to HTTPS after an SSL is installed for the website to be secured.  

A 301 redirect is perfect for HTTPS redirections; it’s a permanent redirect that is good for SEO. Setting up this redirection is possible through your hosting manager dashboard, .htaccess file, and sometimes, if your name server provider allows it, DNS zone.  

Outdated Sitemap 

Another thing that is commonly forgotten is the website’s sitemap. It’s a file with information about a website’s contents – pages, videos, pictures, etc. After forcing redirection to HTTPS, it’s important that you also update your sitemap URLs. Site SEO can be negatively affected when search engines crawl your sitemap and find that it still uses HTTP. 

Simply download the old sitemap and update the prefixes from HTTP to HTTPS via find/replace to manually update your sitemap. Then, upload it to the root folder replacing the old one. For content management systems (CMS) like WordPress, there are available plugins that can help create and automatically update your sitemaps. If it doesn’t work, do it manually.  

It’s recommended to do this as soon as possible for your SEO.  

Mixed Contents 

When force redirecting your website to HTTPS, website files like videos and pictures also need to get their resource code updated to HTTPS.  Mixed content errors are a result of other resources loaded over a non-secure connection.  

For websites built through WordPress, you can install plugins like Really Simple SSL to help resolve the mixed content errors. You may also do this manually, but it is still best to refer this to your developer to avoid faulty updates. 

Free SSL over Paid SSL 

SSL certificates becoming the standard of online security push website owners to get one. Because of this, cheaper or even free alternatives became available to everyone. But, why is it better to get the paid SSL certificates over the free ones? 

  • Longer validity. Free SSL certificates only last 90 days. SSL renewals add to your to-do lists because you must constantly update and install newer ones to avoid expiration. As stated above, an expired SSL certificate is damaging to your reputation. Paid SSL certificates offer a minimum validity of 12 months making it less of a hassle for you.  
  • Limited certificate options. Among the three types of SSL, only Domain Validated (DV) certificates can be issued by free SSL providers. This is because DV certificates only offer basic encryption. Certificates with advanced encryption require payment and people to check valid documents, like Extended Validation (EV) and Organisation Validation (OV) certificates. 
  • Warranty. With SSL certificates becoming standard in web security, their goal is to protect both website owners and their customers from cyber threats. Whenever paid SSL certificates don’t work, the issuing CAs are liable to pay compensation for damage while free SSL providers are not.  
  • Customer support. Most paid SSL certificates come with customer support. This ensures that when things are not right, you get to contact your CA for assistance and fixing. 

Take extra caution, act now

Common SSL Errors to understand

SSL certificates have become very important for a secure online experience. So, it is crucial to understand the common issues about SSL certificates to avoid and quickly fix them. The last thing we want is to use our time dealing with errors when they can be prevented. It may sound cliché but it’s always better to be safe than sorry.  

Skip to section