In the world’s major browsers launched a number of HTTPS support policies, more and more websites have to abandon the simple and fast HTTP plaintext protocol for network security, to the more secure HTTPS encryption protocol, and most of the SSL certificate is usually used to switch HTTPS.
HTTP is the most widely used network protocol on the Internet. It is a client – and server-side request and response standard (TCP). It is used to transfer hypertext from the WWW server to the local browser. HTTPS: an HTTP channel that aims at security. In short, it is the secure version of HTTP, that is, ADDING SSL layer under HTTP. The SECURITY foundation of HTTPS is SSL, so SSL is required for encrypting details.
Common SSL certificate errors 1. The website certificate is not issued by a trusted ca. Cause 1: The certificate is not in the trusted list of the browser vendor. You can install the certificate manually by adding it to the browser’s “trust list”. Solution: Browser options → Content TAB → certificate -→ import. Cause two: The SSL certificate used by the website server is not issued by a globally trusted CA. Cause three: The SSL certificate is not correctly installed. You need to check whether the existing or tested certificate has been deleted.
The Domain Name of each SSL certificate is unique. It is a Fully Qualified Domain Name (FQDN). When the domain name contained in the certificate issued by the website is inconsistent with the domain name of the website, the system will automatically send a report indicating that the certificate domain name does not match. You need to apply for an SSL certificate again. If you have multiple sites with the same primary domain name, apply for a multi-domain SSL certificate.
3. A “No shared cipher” error is received when anonymous Diffie-Hellman(ADH) algorithm is used. By default, Openssl does not enable the ADH algorithm for security reasons. This algorithm should only be enabled if the user truly understands the side effects of the algorithm. To use the anonymous Diffie-Hellman(ADH) algorithm, the user must use the “-dssl_allow_ADh” configuration option when compiling Openssl and add “ADH” to the sslCipherSuite directive.
4, the website certificate has expired or has not yet come into effect this situation is generally the computer system date error, the other is the certificate has passed the validity period, it needs to renew. You can view the start and end dates of the certificate information to determine whether the certificate is within the validity period. If yes, check whether the computer date is correct. Otherwise, the SSL certificate is not valid. Contact the certificate issuer to renew the certificate.
5. The page contains unsafe content. Currently, every page is encouraged to use HTTPS, so all content on a website must be HTTPS. This error can occur if you encounter images, JAVASCRIPT scripts, and FLASH plug-ins that are called via HTTP. Just change the calling element HTTP to HTTPS, and then refresh to see if the SSL problem is resolved.
1) Press the combination key of “Win+R” to open the operation, enter inetcpl. CPL in the operation box, and click “Ok” to open the “Internet Options”; 2) Switch to the “Advanced” TAB; 3) Select “Use SSL 3.0”, “Use SSL 1.0”, “Use SSL 1.1”, “Use SSL 1.2” in the setting box, click Apply and click OK; 4) Restart the browser to resolve the SSL connection error!
Interface test tool: www.apipost.cn/?dt=2021
