Shulou(Shulou.com)06/01 Report--

Common errors and Solutions of SSL Certificate

Problem: the security certificate issued by this website is not issued by a trusted certification authority.

The SSL certificate being used by the server is not issued through a formal globally trusted CA. It is recommended to buy GlobalSign SSL,GeoTrust SSL, Symante SSL certificate, SSL is usually because the certificate is not installed correctly, please check whether the original test certificate has been deleted, if the certificate used by the website is correct, please restart webserver.

Problem: the security certificate issued by this website is issued for the address of other websites.

The domain name corresponding to a SSL certificate is a full domain name FQDN (Fully Qualified Domain Name). If the domain name in the certificate is www.domain.com, the system will report that it does not match the domain name in the certificate through other similar domain names: web.domain.com,app.domain.com,domain.com. If there are multiple sites with the same primary domain name that need to apply for a certificate, a wildcard SSL certificate is recommended; if it is not the same primary domain name, you need to purchase a multi-domain name SSL certificate.

Problem: this page contains unsafe content.

If a page needs to be accessed through HTTPS, all the elements in it must be in HTTPS mode. If there are images, JS scripts, and the FLASH plug-in is called through HTTP, this error will occur. The most common error is to call the flash playback plug-in: codebase=' http://download.macromedia.com/pub/shockwave/.

Cabs/flash/swflash.cab', can change http to HTTPS, and test whether the SSL problem has been solved after refreshing.

Problem: the security certificate issued by this website has expired or is not yet valid.

The SSL certificate used by this logo website has expired. Please check the validity period of the website certificate first. If the website certificate is valid after this day, please check the date setting of your local computer. If the certificate expires, please contact Yi Weixin customer service as soon as possible and renew it! You can handle the SSL error.

Question: why do I get a "no shared cipher" error when using the anonymous Diffie-Hellman (ADH) algorithm?

By default, OpenSSL does not enable the ADH algorithm for security reasons. You can enable this algorithm only if you do understand the side effects of this algorithm.

To use the anonymous Diffie-Hellman (ADH) algorithm, you must use the "- DSSL_ALLOW_ADH" configuration option when compiling OpenSSL and add "ADH" to the SSLCipherSuite directive.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.