Error Messages

The certificate used to load [site] uses an SSL certificate that will be distrusted in an upcoming release of Chrome.

A warning is displayed in the Chrome console window regarding your certificate

Error code: ssl_error_rx_record_too_long

This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.

Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error

NET::ERR_CERT_SYMANTEC_LEGACY

Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error

This error occurs when the website has not enabled SSL connections or has blocked port 443

103 (net::ERR_CONNECTION_ABORTED): Unknown Error

CSR country code invalid

This means when you generated your CSR request you did not specify the correct 2 digit country code.

NET::ERR_CERT_VALIDITY_TOO_LONG - The server certificate has a validity period that is too long

The Logjam Attack – Weak Diffie-Hellman key exchange

The certificate is not trusted because the issuer certificate is unknown

keytool error: java.security.cert.CertificateParsingException: invalid DER-encoded certificate data

This can occur if the certificate format you are importing is incorrect. The certificate supplied by the Certificate Authorities is normally in a PEM format. Glassfish requires DER format to import.

Exchange Server: The certificate status could not be determined because the revocation check failed

Common Name does not contain fully qualified domain name

This error occurs when you try to paste your CSR request into the enrolment form.

To help protect your security, Internet Explorer has blocked this website from displaying content with security certificate errors.

This error usually occurs because the website content contains both secure and insecure content.

This website does not supply identity information. Your connection to this website is not encrypted.

This error usually occurs because the website content contains both secure and insecure content.

Site host name, does not match your SSL certificate Subject Name

You have ordered a wildcard certificate but it looks like you haven’t specified a wildcard domain.

Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created.

Error code: ssl_error_weak_server_ephemeral_dh_key

Unable to decode CSR data. key size may be too large.

This error occurs when the CSR request has been generated using IIS7

There was a problem talking to the Certificate Issuer: Missing or Invalid Field: CSRDomain

Unable to set the certificate: Invalid certificate format

It may be that your certificate is packed in an unrecognised format

The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it.

Your connection to [domain] is encrypted with obsolete cryptography

Your connection to [domain] is encrypted with obsolete cryptography

The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

Error code: sec_error_unknown_issuer

SSL Certificate does not work on Parallels Panel (Plesk)

Once you have installed the certificate in Parallels Panel you need to then assign it to a web site.

The pending certificate request for this response file was not found.

CSR does not contain a wildcard domain as expected

This means you have purchased a wildcard SSL certificate but your CSR does not contain a wildcard domain.

SSL certificate does not have public audit records

My SSL certificate has been rejected

Sometimes the Certificate Authority will refuse to issue a certificate. This can happen after the certificate has already been issued in which case the Certificate Authority will revoke the certificate.

wget: unable to get local issuer certificate

This page contains both secure and nonsecure items

This error does not indicate a problem with the SSL certificate.

There was an error while performing this operation Details: CertEnroll::CX509Enrollment::p_InstallResponse: ASN1 bad tag value met. 0x8009310b (ASN:276)

This issue occurs because IIS Manager performs a lookup operation to look for a friendly name of the certificate during the installation

However, this page includes other resources which are not secure

You are unable to use this order for Japanese products, Please contact your provider for assistance

Warning: the CA certificate does not sign the certificate.

Your CSR contains a key size that is no longer considered secure. Security best practices require a minimum key size of 2048 bits.

From 2012 all SSL certificates must be issued with a minimum key size of 2048bit. These are the guidelines specified by the SSL industry via the CAB Forum.

Mis-match Error During Certificate Installation

During the installation process if you receive a “mis-match” error this can mean that the private key does not match the public key.

Expired Orders

The security certificate presented by this website was not issued by a trusted certificate authority

We are sorry, but the pin you supplied has already been cancelled.

There was a problem talking to the Certificate Issuer

However, this page includes other resources which are not secure

This error usually occurs because the website content contains both secure and insecure content.

SEC_ERROR_OCSP_INVALID_SIGNING_CERT

This error (normally presented by Firefox) means that the OCSP stapling for the site certificate is invalid.

NET::ERR_CERT_COMMON_NAME_INVALID

This error message means that the server is returning a certificate for a different common name than that specified in the address bar.

Forbidden: Free UbiquiTLS offer is deactivated for this account, please contact support

CSR invalid CN - wildcard not supported. Common Name is invalid.

Forbidden: Operation is not allowed for this order at this time.

Unable to create .well-known folder on windows

Windows does not allow .well-known folder

Forbidden: General System Error. ResendEmail failed exception (ApproverEmail)

Error displayed when trying to resend approver email

Forbidden: There has been an error:Validity period not valid

Steps to resolve the error Validity period not valid​​

Order Cancellation Errors

What might cause errors when cancelling orders?

The link you are using has expired or the order has been approved

Error when using IIS generated CSR during renewal

error: SEC_ERROR_REVOKED_CERTIFICATE

MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED

Error produced by Firefox when visiting website secured by a no longer trusted certificate.