Self signed SSL certificate warning
In this article I'm going to discuss why you would be receiving a warning or error in your web-browser when trying to access your server via the self signed SSL certificate while using a secure connection.
Self-signed SSL errors
When you are trying to access a service such as WHM on your server, over the SSL (Secure Socket Layer) protocol, the server has to identify itself with a SSL certificate to the web-browser.
In order for web-browsers to trust the certificate that the server has presented, the SSL certificate must be issued by a valid Certificate Authority (CA).
By default the SSL certificate that would be configured on your server would be a self-signed one, essentially meaning that it has not been issued by a CA, but instead your own server has signed the certificate as being valid.
This works perfectly fine for encrypting data, but it will present you with an error or warning in your web-browser when trying to access the secure content. Below are examples of this from popular web-browsers:
Click on Advanced, then Proceed to example.com (unsafe) to bypass SSL warning in Chrome.
Click on I Understand the Risks, then click on Add Exception....
Next click on Get Certificate, and finally Confirm Security Exception to bypass SSL warning in FireFox.
Microsoft Internet Explorer
Click on Continue to this website (not recommended) to bypass SSL warning in Internet Explorer.
This warning is simply letting you know that the SSL certificate was self-signed. In the case of accessing your own server this isn't a problem at all, and you can simply tell your web-browser to accept the self-signed SSL certificate and continue.
Where you would typically take caution on these types of errors would be if you were accessing your bank or a credit card's website, as that could be an indication your secure data isn't properly going to the right server.
If you'd like to not have a self-signed SSL certificate error when accessing your server via SSL, you can read our guide on how do I obtain an SSL certificate, as that explains how you could purchase a dedicated SSL certificate that would be issued via a Certificate Authority and not display the same warning.
2014-05-11 8:31 am
In Explorer or Mozilla neither display "Continue to this Website (not recommended)" or "I understand the risks". Is there a way to bypass this? Currently there is no way to proceed.
2014-05-12 9:01 am
Hello S. Thomas,
Thank you for your question. We are happy to help, but will need some additional information to troubleshoot the problem.
Since it is not displaying the "Continue to this Website (not recommended)" or "I understand the risks" message, what is happening?
Are you getting errors? What errors are you getting?
If you have any further questions, feel free to post them below.
2014-05-16 7:49 am
Hi John Paul,
This is the message I get in Firefox:
The certificate is not trusted because no issuer chain was provided. The certificate is only valid for mail The certificate expired on 3/1/2012 9:31 AM. The current time is 5/16/2014 7:31 AM. (Error code: sec_error_unknown_issuer)
It is strange because this is my work email portal and my coworkers say they can get in. I have tried intallling earlier versions of Explorer (per the IT guys at work) and I set my computer's date back to 2011 to no avail. The IT guys at work say I can get Puffin for my smart phone but I am old school-no smart phone.
2014-05-15 8:22 am
Hi S. Thomas - If you search google for:
• Continue to this Website (not recommended) is missing, or
• I understand the risks is missing
... you'll see that quite a few others are having a similar problem. The solution for Internet Explorer sounds a little tricky (here's another solution to try), but if you want to test in Firefox, someone recommends this solution:
2014-05-16 7:43 am
Thanks Brad for your reply. Unfortunately it did not work for me.
In the Add Security Exception pop up when I enter the URL in the location field the only way to proceed is to click on the "Get Certificate" button. Once I do this Firefox says "Attempting to Verify the site..." then says "Unable to obtain identification for the given site".
This is my work email I am trying to get into and I coworkers say they can get in with no problem.
Thanks again though!
2014-05-16 8:22 am
It will indeed state Attempting to Verify the site... until you enter the URL into the Location field. Be sure to enter this and it will then generate the certificate for the site entered within that field.
2015-03-02 6:55 pm
Some of the good info posted in the past few months is helpful in describing the impact of using the default self-signed certificate when accessing cpanel using the initial VPS domain alias. So it seems to me that we just have to step thru typical browser warning that this https certificate is not trusted, and establish permanent transparent SSL access to cpanel via our domain name, like: "https://www.mydomain.com/cpanel". AMP offers non-HTTPS links by default, but we are not stuck with that.