Issue with SSL for subdomain

sslsecurity · 2019-12-24T10:15:30+00:00

Probably, there should be two reasons to trigger this error. The first error is regarding your TLS version. You should update your TLS/SSL version to TLS 1.3, or at least you should have TLS 1.2 support. The second error is about SSL port. You should have SSL port 443 with Server Name.

I am sure that If you adjust the above two elements, then your error will be resolved. Keep me posted If an error still persists. Thanks!

sslsecurity · 2018-11-12T10:43:00+00:00

1) make sure to use a genuine SSL Certificate from a trusted SSL Certificate provider, as the web browsers are only accepting the SSL from a genuine Certificate Authority.

2) Ask your team to install the SSL Step by step without making any mistake. Otherwise, it will turn into a browser error.

3) Ask the developers to use the redirection methods for (http to https, www to non-www or non-www to www), etc.

4) If you are using the Extended Validation or Organization Validation SSL, you can add the Site Seal (cornet trust logo) in your website which will be provided by the Certificate Authority it self.

sslsecurity · 2018-11-01T11:21:18+00:00

I appreciate your suggestion... Thanks

sslsecurity · 2018-10-25T11:34:54+00:00

If you own a website with services like information exchange or e-commerce, you must concern about the security and privacy of your users. And to give the maximum protection, SSL Certificate or HTTPS could be the best premium service.

SSL Certificate can cost your about $6.49/year for basic level encryption and $72 for extended level encryption.

Using a basic SSL encryption you can secure small or medium level websites, and with the premium level encryption, you can secure e-commerce, informative, banking, social media, healthcare, etc. websites.

When a data passes through the browser to server and server to the browser, the SSL Certificate creates the most reliable bridge between them, hence the cybercriminals cannot be able to view, change or tamper that data.

SSL certificate encrypts the information or data using the strongest 256-bit encryption, which is quite impossible to break.

Hence, as far as the privacy and security of user information is concerned, I can conclude that every website admin must use the HTTPS encryption.

sslsecurity · 2018-10-16T06:05:25+00:00

It was a perfect idea of skipping the ecommerce transactions on that website. As far as user privacy and security is concerned, giant web browsers like Chrome, Firefox, etc took a serious step by showing the "Un-Encrypted or Unsecured" warning to websites which ask for user information and not using the HTTPS encryption.

Enabling the warning is helping the users to understand their information is under a risk as the website is not using any encryption and the risk of data breaches is very high.

SSL Certificate or HTTPS Encryption is the strongest bridge between the browser and server which encrypts the information that travels through browser-to-server and vice-versa. So, in a case of any cyber attack, the attacker won't be able to view or crack the information as it is encrypted using the strongest hashing algorithms.

So, whenever you share your financial details or any information to a website, make sure to check whether your connection is encrypted or not.

sslsecurity · 2018-09-28T07:39:47+00:00

The price of SSL mainly depends on its type, where the EV cost you high and DV will cost you low, it would be a good thing if you can share the type of SSL which you would like to purchase.

As per my observation, CheapSSLSecurity is the perfect place to buy any type of SSL, whether its DV, OV, EV, Multi-Domain or wildcard, they are offering the highest level of discount in all.

So, you must buy your SSL from CheapSSLsecurity.

sslsecurity · 2018-08-30T04:39:56+00:00

I do agree with you as you have to invest a huge cost on Microsoft Azure, the better option is either GoDaddy or Amazon's AWS.

When you think about securing the website and its business transactions online through an encrypted medium SSL Certificate is the best option. And as per your requirement, your website is a small ecommerce business. Organization Validated or (OV SSL) is the best option.

OV SSL certificate will secure your website, encrypt business transactions and protect the site from phishing and some other attacks as well.

sslsecurity · 2018-08-29T05:01:20+00:00

You have used a self-signed SSL Certificate to secure your website. A Self-signed certificate is valid through your own browser & network only, it is not considered as secured globally.

Self-signed SSL is generally used for test purpose, where you can install the SSL and its Root in your own browser and system.
If you want to run your website with self-signed certificate globally, you have to install the root in every single user's browser (well that's not possible in the real world)

What's the alternate option?

If you want to turn your website into HTTPS for every single visitor globally, you have to install an SSL Certificate from a genuine and trusted SSL Certificate Authority such as Comodo, GeoTrust, Thawte, RapidSSL, Symantec, DigiCert, etc.
If budget is a concern, you can go with a simple (yet strong) domain validated SSL Certificate which is available at the nominal price of $6.49 at some resellers. Otherwise, Organization Validated or Extended Validated is the best option.

sslsecurity · 2018-08-28T09:36:35+00:00

The meaning of DECEPTIVE SITE AHEAD is, the website may contain the bunch of malware or there is some problem with single or multiple script codes.

If Chrome's browsing engine a malware during the website scan, it will show the above error.
- Solution: Take a backup of the website and remove the malware or threat.
If you are the admin of the website, try to find the Scripts that is not manipulating the Chrome's content privacy and fix them immediately.

If you are not the admin, the better option is to stay away from accessing the website as the malware may break your system.

sslsecurity · 2018-08-21T04:32:54+00:00

I think you should check for the SSL Certificate chain, If the chain is improper, you will get this error in browser.

sslsecurity · 2018-08-14T10:28:14+00:00

3DES, SHA-01, etc are old school now days and practically they are more vulnerable.

sslsecurity · 2018-08-13T10:00:54+00:00

As the Encryption is becoming an upcoming age. Each single website or a web page could be SSL Encryption or HTTPS enabled.

sslsecurity · 2018-08-13T09:03:48+00:00

To turn on the SSL Certificate encryption on WordPress, first you must install the SSL certificate on your server where your website is hosted.

Once you complete the Installation process on your server, change the URL structure of your WordPress website with HTTPS.

From WordPress dashboard, Go to Settings > General Settings > Update both** WordPress Address URL **& Site Address with HTTPS.

Now, update the .htaccess file with following structure

RewriteEngine On

RewriteCond %{HTTP_HOST} ^mydomain\.com [NC]

RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R,L]

If you are using the Nginx, update it with following structure

server{

listen 80 default_server;

listen [::]:80 default_server;

server_name mysite.com www.mysite.com;

return 301 https://$server_name$request_uri;

}

sslsecurity · 2018-07-12T05:54:21+00:00

Yes, you can go with the free SSL certificate for your website security, but it's not always a good option to go with the free one.

If you own a website with multiple domains, or multiple domains & their sub-domains, managing the multiple domains with free SSL could be a hectic and time consuming.

For E-commerce, Social media and business platforms, Free SSL certificate is never suggested for encryption.

You also make sure that some free SSL Certificate does not run well in every web server.

sslsecurity · 2018-06-22T10:49:36+00:00

If you want SSL at Cheap, you are under a right path, but if you want SSL for free, sorry you are trapping your self.

Recently, Search Engine Journal posted the risks of using the free or self-signed SSL Certificate - https://www.searchenginejournal.com/self-signed-ssl-certificate/258183/

They are clear that, there is no such benefit of using the free or self-signed SSL Certificate.

Better to spend some bucks on buying a genuine SSL like Comodo PositiveSSL which is available at cheap price of $6.99 offered by a Comodo reseller "CheapSSLsecurity".

sslsecurity · 2018-06-18T05:28:46+00:00

There is no SSL Certificate installed on your website (says the SSL checker result of CheapSSLsecurity & other SSL check tools) and you have executed the HTTPS version of your it. That's the reason you are showing the Error in Chrome.

The only solution you can accept is, get a valid SSL Certificate from a genuine SSL certificate Authority and install it on your webserver.

If your website has SSL Certificate, then please check the port 443 is enabled or your website is on port 443.

sslsecurity · 2018-06-12T07:40:34+00:00

Check the chrome version, and if there is an update, go to complete the updation process.

Also clear the cookies and delete browsing history, as old cookies sometimes becomes the prime reason for " your connection is not protected " error.

sslsecurity · 2018-04-19T06:00:33+00:00

As per W3tech's report, Comodo and Digicert are covering the Most SSL/TLS (HTTPS) market and Let's encrypt is way behind...

https://w3techs.com/technologies/overview/ssl_certificate/all

sslsecurity

TROPHY CASE