For a smooth setup of your SSL Certificate on your website you need to ensure you:
a. Have got the correct certificate in the correct format as requested
b. Have got a certificate that matches with your submitted CSR and private key
c. Are able to setup the certificate correctly as per your web server platform
d. Are also able to troubleshoot issues not related to SSL certificate setup
Here are our suggestion of 5 things to do after you get your SSL certificate for your website no matter where you got your certificate from:
Use this online tool to match your CSR or Private Key with the SSL Certificate generated to check if it is valid for installation.
- Check if the certificate matches the CSR you submitted at the time of the certificate enrollment or request.
- Check if the certificate matches the private key you generated with the submitted CSR.
Decode the SSL certificate to check if it has valid information before installing it by using this online tool.
- Check for domain (common) name
- Check for start & end dates of certificate validity.
If the certificate received is not in a format compatible with your web server platform, you can easily convert the generated SSL certificate between various formats such as PEM, DER, PFX and P7B. This online tool can help.
- The .cer certificate is usually a DER format Windows certificate file for use with the IIS web server.
- The .crt format is usually a PEM format file used with web servers such as Apache & nginx on Linux-based systems.
3. Setup your certificate for your web server platform
Here are some common do-it-yourself SSL installation scenarios organised by Certifying Authority (CA) but the process is exactly the same for a specific platform across certificates of any brand:
Once you install the certificate you need to check if it is correctly setup. Verify the SSL certificate is installed correctly on your web server, and trusted by browsers using this online tool.
There are many reasons why the website be shown as Not Secure in web browsers and here are some of them:
- Your web server may need a restart after setup for the padlock icon to show in the web browser.
- You may have not setup the intermediate CA certificate with the SSL certificate.
- You may have not replaced the previous certificate files with the new ones, or saved the new files in the wrong location.
Use this online tool to find out why there is no padlock icon with the https displayed in the web browser address bar for some website pages even after correct SSL certificate setup.
This mostly happens when your page loads too many scripts or media files using http instead of https.