SSL certificate common Errors and Solutions

Source: Internet
Author: User
Tags openssl globalsign ssl ssl certificate fully qualified domain name
issue: The security certificate issued by this web site is not issued by a trusted certification authority.

The SSL certificate that the server is using is not issued through a formal global trust ca. Recommended purchase GlobalSign Ssl,geotrust SSL, Symante SSL certificate, SSL is usually because the certificate is not properly installed, please check again to remove the original test certificate, if the site uses the certificate is correct, please restart webserver. issue: The security certificate issued by this website is issued for other website addresses.

An SSL certificate corresponds to a domain name that is a full domain FQDN (fully qualified domain name), If the domain name in the certificate is www.domain.com, the domain name in the certificate is not matched by the other similar domain name: web.domain.com,app.domain.com,domain.com. If a site with more than the same primary domain name requires a certificate, it is recommended to use a SSL certificate, and a multi-domain SSL certificate is required if it is not the same primary domain name. problem: This page contains unsafe content.

If a page needs to be accessed through HTTPS, all of the elements must be HTTPS, if there are: Pictures, JS script, Flash plug-ins are called through HTTP, it will appear this error, the most common is the call Flash playback plug-ins: codebase = ' http://download.macromedia.com/pub/shockwave/
Cabs/flash/swflash.cab ', change HTTP to HTTPS, and test the SSL problem after refreshing. issue: The security certificate issued by this web site has expired or has not yet taken effect.

This identity Web site uses an SSL certificate that has expired, check the validity period of the site certificate, and check the date settings for the local computer if the site certificate is valid for the current day. If the certificate expires, please contact the easy-letter customer service, renewals. will be able to handle a good SSL error. question: Why do I receive a "No shared cipher" error when using the anonymous Diffie-hellman (ADH) algorithm?

By default, OpenSSL does not enable the ADH algorithm for security reasons. You can enable this algorithm only if you do understand the side effects of the algorithm.

In order to use the anonymous Diffie-hellman (ADH) algorithm, you must use the "-dssl_allow_adh" configuration option when compiling OpenSSL and add "Sslciphersuite" to the ADH directive.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.