InMotion Hosting Support Center

In this article I'm going to discuss why you would be receiving a warning or error in your web-browser when trying to access your server via the self signed SSL certificate while using a secure connection.

Self-signed SSL errors

When you are trying to access a service such as WHM on your server, over the SSL (Secure Socket Layer) protocol, the server has to identify itself with a SSL certificate to the web-browser.

In order for web-browsers to trust the certificate that the server has presented, the SSL certificate must be issued by a valid Certificate Authority (CA).

By default the SSL certificate that would be configured on your server would be a self-signed one, essentially meaning that it has not been issued by a CA, but instead your own server has signed the certificate as being valid.

This works perfectly fine for encrypting data, but it will present you with an error or warning in your web-browser when trying to access the secure content. Below are examples of this from popular web-browsers:

Google Chrome

Shared SSL Insecure warning

Click on Advanced, then Proceed to example.com (unsafe) to bypass SSL warning in Chrome.

Mozilla FireFox

firefox self signed ssl warning

Click on I Understand the Risks, then click on Add Exception....

Next click on Get Certificate, and finally Confirm Security Exception to bypass SSL warning in FireFox.

Microsoft Internet Explorer

internet explorer self signed ssl warning

Click on Continue to this website (not recommended) to bypass SSL warning in Internet Explorer.


This warning is simply letting you know that the SSL certificate was self-signed. In the case of accessing your own server this isn't a problem at all, and you can simply tell your web-browser to accept the self-signed SSL certificate and continue.

Where you would typically take caution on these types of errors would be if you were accessing your bank or a credit card's website, as that could be an indication your secure data isn't properly going to the right server.

If you'd like to not have a self-signed SSL certificate error when accessing your server via SSL, you can read our guide on how do I obtain an SSL certificate, as that explains how you could purchase a dedicated SSL certificate that would be issued via a Certificate Authority and not display the same warning.

Support Center Login

Social Media Login

   
Social Login Joomla

Related Questions

Here are a few questions related to this article that our customers have asked:
Service Certificate still assigned to Self-signed Certificate
Would you like to ask a question about this page? If so, click the button below!
Ask a Question
n/a Points
2014-05-11 8:31 am

In Explorer or Mozilla neither display "Continue to this Website (not recommended)" or  "I understand the risks".  Is there a way to bypass this?  Currently there is no way to proceed.

Staff
16,246 Points
2014-05-12 9:01 am
Hello S. Thomas,

Thank you for your question. We are happy to help, but will need some additional information to troubleshoot the problem.

Since it is not displaying the "Continue to this Website (not recommended)" or "I understand the risks" message, what is happening?

Are you getting errors? What errors are you getting?

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
n/a Points
2014-05-16 7:49 am

Hi John Paul,

This is the message I get in Firefox:

The certificate is not trusted because no issuer chain was provided. The certificate is only valid for mail The certificate expired on 3/1/2012 9:31 AM. The current time is 5/16/2014 7:31 AM. (Error code: sec_error_unknown_issuer)

It is strange because this is my work email portal and my coworkers say they can get in.  I have tried intallling earlier versions of Explorer (per the IT guys at work) and I set my computer's date back to 2011 to no avail.  The IT guys at work say I can get Puffin for my smart phone but I am old school-no smart phone. 

Any ideas?

Staff
5,399 Points
2014-05-15 8:22 am
Hi S. Thomas - If you search google for:

• Continue to this Website (not recommended) is missing, or
• I understand the risks is missing

... you'll see that quite a few others are having a similar problem. The solution for Internet Explorer sounds a little tricky (here's another solution to try), but if you want to test in Firefox, someone recommends this solution:

  1. Start Firefox and go to the "offending site."
  2. Open a new tab and enter "about:certerror" to get the add exception panel.
  3. Copy the URL of the offending site from the first tab and paste it into the URL field of the exception panel.
  4. Follow the directions to make the exception permanent.
n/a Points
2014-05-16 7:43 am

Thanks Brad for your reply.  Unfortunately it did not work for me. 

In the Add Security Exception pop up when I enter the URL in the location field the only way to proceed is to click on the "Get Certificate" button.  Once I do this Firefox says "Attempting to Verify the site..." then says "Unable to obtain identification for the given site". 

This is my work email I am trying to get into and I coworkers say they can get in with no problem.

Thanks again though!

Staff
11,156 Points
2014-05-16 8:22 am
It will indeed state Attempting to Verify the site... until you enter the URL into the Location field. Be sure to enter this and it will then generate the certificate for the site entered within that field.
n/a Points
2015-03-02 6:55 pm

Some of the good info posted in the past few months is helpful in describing the impact of using the default self-signed certificate when accessing cpanel using the initial VPS domain alias.   So it seems to me that we just have to step thru typical browser warning that this https certificate is not trusted, and establish permanent transparent SSL access to cpanel via our domain name, like: "https://www.mydomain.com/cpanel".  AMP offers non-HTTPS links by default, but we are not stuck with that.    

n/a Points
2015-06-15 10:44 pm

Would the addition of a fee paid SSL certificate to that server stop the error and enhance the credibility of that SMTP server?  I don't want to bypass the error, I want for all the ISP on the web who reverse my mail server to verify it to not see errors.

Im more interested in the clear and clean validation and reputation than how to hotwire it around the error that every ISP will see when they look at my setup.  The $60 to that mail.mydomain.com makes it all go away right?

Staff
3,251 Points
2015-06-17 1:00 am
Hello Joepostscript,

Yes if you purchased an ssl for mail.yourdomain.com it would remove the secure SMTP errors when connecting to the server.

Best Regards,
TJ Edens

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

14 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!