Self-Signed SSL Certificate Warning

In this article I’m going to discuss why you would be receiving a warning or error in your web-browser when trying to access your server via the self-signed SSL certificate while using a secure connection.

Self-signed SSL errors

When you are trying to access a service such as WHM on your server, over the SSL (Secure Socket Layer) protocol, the server has to identify itself with a SSL certificate to the web-browser.

In order for web-browsers to trust the certificate that the server has presented, the SSL certificate must be issued by a valid Certificate Authority (CA).

By default the SSL certificate that would be configured on your server would be a self-signed one, essentially meaning that it has not been issued by a CA, but instead your own server has signed the certificate as being valid.

This works perfectly fine for encrypting data, but it will present you with an error or warning in your web-browser when trying to access the secure content. Below are examples of this from popular web-browsers:

Google Chrome

Shared SSL Insecure warning

Click on Advanced, then Proceed to example.com (unsafe) to bypass SSL warning in Chrome.

Mozilla FireFox

firefox self signed ssl warning

Click on I Understand the Risks, then click on Add Exception….

Next click on Get Certificate, and finally Confirm Security Exception to bypass SSL warning in FireFox.

Microsoft Internet Explorer

internet explorer self signed ssl warning

Click on Continue to this website (not recommended) to bypass SSL warning in Internet Explorer.

This warning is simply letting you know that the SSL certificate was self-signed. In the case of accessing your own server this isn’t a problem at all, and you can simply tell your web-browser to accept the self-signed SSL certificate and continue.

Where you would typically take caution on these types of errors would be if you were accessing your bank or a credit card’s website, as that could be an indication your secure data isn’t properly going to the right server.

If you’d like to not have a self-signed SSL certificate error when accessing your server via SSL, you can read our guide on how do I obtain an SSL certificate, as that explains how you could purchase a dedicated SSL certificate that would be issued via a Certificate Authority and not display the same warning.

IC
InMotion Hosting Contributor

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

37 Comments

  • Hi, My website is showing the below error

    Your connection is not private
    Attackers might be trying to steal your information from southkarnatakatourism.in (for example, passwords, messages, or credit cards). Learn more
    NET::ERR_CERT_AUTHORITY_INVALID

    Help improve Safe Browsing by sending some system information and page content to Google.

    • The error that you’re seeing is the result of settings within the Chrome Browser. You can find them in this link: https://support.google.com/chrome/answer/114836?co=GENIE.Platform%3DDesktop&hl=en

    • If you would like to not have a self-signed SSL certificate error when accessing your server via SSL, you can read our guide: how do I obtain an SSL certificate, as that explains how you may install a Free SSL or purchase a dedicated SSL certificate that would be issued via a Certificate Authority and not display the same warning.

  • My website www.*************.com is having

    “Your connection is not private”
    How do I stop it, I have uninstall the ssl certificate, but it still keeps coming. I cannot access my wordpress again at the moment.

    • I checked your site and the SSL expired on “April 20, 2018.” I recommend using the Free SSL from InMotion Hosting to replace your existing SSL.

      Thank you,
      John-Paul

  • Just upgraded to VPS hosting.  Trying to login to cPanel and keep getting the message below on all browsers and the browers no longer give an option to bypass the warning.  cAN YOU HELP ME RESOLVE THIS? 

    This organization’s certificate has been revoked.

    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. 

     

    We recommend that you close this webpage and do not continue to this website.

     

    • There should always be an option to bypass, such as an Advanced button. Then there should be a checkbox of some sort for you to allow the exception, possibly permanently.

  • I’m getting the secure connection failed as well, but i’m not getting “Advanced” option. only “Try Again”

    I”ve looked up how to add an exception manually, but cannot find it in firefox.

    • You may want to make sure you are using the most recent version of Firefox or consider upgrading. The current version is 50.

  • I’m trying to access WHM on a VPS but I’m receiving the error below. Can you help?

     

    Secure Connection Failed

    An error occurred during a connection to********.inmotionhosting.com:2087. Peer’s Certificate has been revoked. Error code: SEC_ERROR_REVOKED_CERTIFICATE

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

    Please contact the web site owners to inform them of this problem.

    • You should be able to tell your browser to trust the certificate and proceed. In the Chrome and Firefox browser, click Advanced to accept and proceed.

  • Hello,

    My ultimate goal is to use a self signed cert, to encrypt WordPress logins and admin pages.  Unfortunately HTTPS is not working even for basic html files in sites root directory.

    I get the following SSL Connection Error, “Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don’t have.”  So it appears that SSL is not running/working for the site.

    When installing the self signed cert in cpanel there was a msg stating that “Note: You do not have a dedicated IP address. As a result, web browsers that do not support SNI will probably give false security warnings to your users when they access any of your SSL websites. Microsoft® Internet Explorer™ on Windows XP™ is the most widely used web browser that does not support SNI.”  

    That msg led me to believe that a dedicated IP should not be needed (I don’t care that the requested hostname is not encrypted when using SNI).

    However in a support chat I was told that the SSL error was because the site did not have a dedicated IP.

    Can you please confirm for me if a dedicated IP is, or is not required?  And if a dedicated IP is required, why isn’t SNI supported?

    Thanks,
    Kyle

    • Hello Kyle,

      You can have our Live Support team install a self-signed certificate if you are on a VPS or Dedicated plan. When using a self signed certificate on your site, it will still give a trust warning and need to be accepted before moving into the secure area.

      Kindest Regards,
      Scott M

    • Hello Tedsun,

      What website are you visiting when you see this error? Is this a website you own? Do you pay for the SSL certificate?

      Best Regards,
      TJ Edens

  • The Server you are connected to is using a security certificate that cannot be verified

    The signature of the certificate can not be verified 

    View Certificate

    Do you want to continue using this server?

    Yes   No

    • Hello G.Manjunatha,

      Yes that is the default response of this error. Are you getting this on your website? Do you need any assistance on this topic?

      Best Regards,
      TJ Edens

  • Would the addition of a fee paid SSL certificate to that server stop the error and enhance the credibility of that SMTP server?  I don’t want to bypass the error, I want for all the ISP on the web who reverse my mail server to verify it to not see errors.

    Im more interested in the clear and clean validation and reputation than how to hotwire it around the error that every ISP will see when they look at my setup.  The $60 to that mail.mydomain.com makes it all go away right?

    • Hello Joepostscript,

      Yes if you purchased an ssl for mail.yourdomain.com it would remove the secure SMTP errors when connecting to the server.

      Best Regards,
      TJ Edens

  • I am trying to use Google Apps to migrate my emails from inmotion servers to my google emails.  I get this message when dosing so, “

    SSL error. SSL certificate may not have been installed properly on the source server. Please verify.
     
     
    Is there something wrong with my SSL certificate?
    • Hello DemetriosM,

      Sorry for the problem with your SSL certificate. It’s possible that your certificate was not created specifically for the email address (especially on a shared server, because it’s on a different IP address). Shared servers have their own SSL certificate for sending on mail secured – it would not be the same as yours. If you’re on a VPS or Dedicated server, the certificate would need to be setup for that purpose.

      I hope this helps to answer your question, please let us know if you require any further assistance.

      Regards,
      Arnel C.

  • Some of the good info posted in the past few months is helpful in describing the impact of using the default self-signed certificate when accessing cpanel using the initial VPS domain alias.   So it seems to me that we just have to step thru typical browser warning that this https certificate is not trusted, and establish permanent transparent SSL access to cpanel via our domain name, like: “https://www.mydomain.com/cpanel”.  AMP offers non-HTTPS links by default, but we are not stuck with that.    

  • Hi John Paul,

    This is the message I get in Firefox:

    The certificate is not trusted because no issuer chain was provided. The certificate is only valid for mail The certificate expired on 3/1/2012 9:31 AM. The current time is 5/16/2014 7:31 AM. (Error code: sec_error_unknown_issuer)

    It is strange because this is my work email portal and my coworkers say they can get in.  I have tried intallling earlier versions of Explorer (per the IT guys at work) and I set my computer’s date back to 2011 to no avail.  The IT guys at work say I can get Puffin for my smart phone but I am old school-no smart phone. 

    Any ideas?

    • It will indeed state Attempting to Verify the site… until you enter the URL into the Location field. Be sure to enter this and it will then generate the certificate for the site entered within that field.

  • Thanks Brad for your reply.  Unfortunately it did not work for me. 

    In the Add Security Exception pop up when I enter the URL in the location field the only way to proceed is to click on the “Get Certificate” button.  Once I do this Firefox says “Attempting to Verify the site…” then says “Unable to obtain identification for the given site”. 

    This is my work email I am trying to get into and I coworkers say they can get in with no problem.

    Thanks again though!

  • In Explorer or Mozilla neither display “Continue to this Website (not recommended)” or  “I understand the risks”.  Is there a way to bypass this?  Currently there is no way to proceed.

    • Hello S. Thomas,

      Thank you for your question. We are happy to help, but will need some additional information to troubleshoot the problem.

      Since it is not displaying the “Continue to this Website (not recommended)” or “I understand the risks” message, what is happening?

      Are you getting errors? What errors are you getting?

      If you have any further questions, feel free to post them below.
      Thank you,

      -John-Paul

    • Hi S. Thomas – If you search google for:

      • Continue to this Website (not recommended) is missing, or
      • I understand the risks is missing

      … you’ll see that quite a few others are having a similar problem. The solution for Internet Explorer sounds a little tricky (here’s another solution to try), but if you want to test in Firefox, someone recommends this solution:

      1. Start Firefox and go to the “offending site.”
      2. Open a new tab and enter “about:certerror” to get the add exception panel.
      3. Copy the URL of the offending site from the first tab and paste it into the URL field of the exception panel.
      4. Follow the directions to make the exception permanent.

Was this article helpful? Let us know!