In this article, I will focus on the ever common SSL error(s) that you may have encountered whether as a developer or a user on a website and how to fix these errors so your SSL encryption will not be broken or malfunctioning.
What is SSL?
SSL stands for Secure Sockets Layer. It provides a secure connection between internet browsers and websites, allowing you to transmit private data online. Sites secured with SSL displays a padlock in the browsers URL and possibly a green address bar if secured by an EV Certificate.
Here is an image of what a good SSL looks like in various browsers:
Sometimes site owners go for years not knowing that their SSL is broken and furthermore they’ve put their users at risk by forcing them to make unsecured transactions, unprotected email when registering and so on. I suppose to the untrained eye it’s not that easy to tell unless you are used to looking up at your browser bar. The broken SSL will appear different according to what browser you are in. Here are some examples of what to look for when one has a broken SSL.
Some modern browsers present a large warning page before loading the actual website though not all!
Notice the browser bar in the upper left hand corner? Depending upon what browser you are in it may look a little different but you get the point. There may be an X, or a line drawn through the padlock indicating a break. If you ever see this then you should beware especially if you are doing the following:
- Checking out with a shopping cart
- Signing up for a newsletter
- Logging in
How to fix a broken SSL
There are a few solutions to finding the little bugs that break your SSL. First let’s get the basics out of the way. The following in an example of a site you can use to diagnose a page or pages on your website to find out what is breaking your SSL. It does however expect your SSL to be installed correctly. If your SSL is not installed correctly then it will break regardless. Go the the following website: https://www.whynopadlock.com/ and enter the page that you wish checked. It will scan the page and let you know exactly what is wrong. You then only have to fix the issue on your website, upload the changes and the padlock should be repaired.
A side note:
The majority of broken SSL’s are due to images that have an absolute URL referencing them with (http) and not (https), or sometimes you are accessing 3rd party’s outside of your domain with http, and not https.