Certificate Is Not Trusted in Web Browser

The following warnings are presented by web browsers when you access a site that has a security certificate installed (for SSL/TLS data encryption) that cannot be verified by the browser.

Internet Explorer: "The security certificate presented by this website was not issued by a trusted certificate authority."

Firefox 3: "www.example.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown." or "www.example.com uses an invalid security certificate. The certificate is not trusted because it is self signed."

Browsers are made with a built-in list of trusted certificate providers (like DigiCert). For some sites, the certificate provider is not on that list. If this is the case, the browser will warn you that the Certificate Authority (CA) who issued the certificate is not trusted. This issue can also occur if the site has a self-signed certificate. While this warning is fairly generic for Internet Explorer, Firefox 3 will distinguish between a certificate issued by the server itself (a self-signed certificate) and another type of untrusted certificate.

If you have a DigiCert certificate and you receive this error, troubleshoot the problem using the sections below. You do not need to install anything on client devices/applications for a DigiCert SSL Certificate to work properly. The first step is to use our SSL Certificate tester to find the cause of error.

Get SSL Plus certificates for just $139/per year

Buy Now Learn More

Self-Signed Certificates

One possible cause of this error is that a self-signed certificate is installed on the server. Self-signed certificates aren't trusted by browsers because they are generated by your server, not by a CA. You can tell if a certificate is self-signed if a CA is not listed in the issuer field in our SSL Certificate tester.

If you find a self-signed certificate on your server after installing a DigiCert certificate, we recommend that you check the installation instructions and make sure that you have completed all of the steps.

If you completed all of the installation steps but are still having an issue, you should generate a new CSR from your server (see the CSR creation instructions) and then reissue the certificate in your DigiCert account by logging in, clicking the order number, and then clicking the reissue link.

Intermediate Certificate Issues

The most common cause of a "certificate not trusted" error is that the certificate installation was not properly completed on the server (or servers) hosting the site. Use our SSL Certificate tester to check for this issue. In the tester, an incomplete installation shows one certificate file and a broken red chain.

To resolve this problem, install the intermediate certificate (or chain certificate) file to the server that hosts your website. To do that, log into your DigiCert Management Console, click the order number, and then select the certificate download link. This file should be named DigiCertCA.crt. Then follow your server-specific installation instructions to install the intermediate certificate file.

Once you import the intermediate certificate, check the installation again using the SSL Certificate tester. In the tester, an incomplete installation shows multiple certificate files connected by an unbroken blue chain.

Intermediate Certificate Issues (Advanced)

If you receive an error using our SSL Certificate tester, you are using a Windows server, and your certificate's issuer is listed as "DigiCert High Assurance EV CA-3", please see this article for instructions on troubleshooting a SSL installation error.

Below are a few more warning messages for different browsers.

Internet Explorer 6: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate. The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority. Do you want to proceed?"

Internet Explorer 7: "The security certificate presented by this website was not issued by a trusted certificate authority. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server."

Firefox 3: "www.example.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown." or "www.example.com uses an invalid security certificate. The certificate is not trusted because it is self signed."