SecurityCategory

Top 5 SSL issues to understand (and avoid) 

5 min read
Art Martori

The ubiquitous SSL certificate is often an afterthought when building websites for yourself or for clients. It’s often included with high-performance hosting products, making it tempting to look at it as a set-and-forget application. No second thought is given to potential SSL issues.

But then, that call...

Yep, SSL issues can sure come back to bite you. But staying aware of them can head off an ambush situation that turns your workday into a troubleshooting nightmare. To better prepare yourself, let’s take a quick look at some of the most common pitfalls with SSL.

Top SSL issues to avoid

While the list below is by no means comprehensive, we checked in with our website security experts to uncover which SSL issues are most common.

1. Faulty installation

Most SSL issues that arise during installation and the handoff of information. Fumbling through stuff like email addresses and security keys can create problems including:

  • Domain verification — To verify the owner of the domain that SSL is protecting, an email gets sent to an address specified for that domain. If the email address isn’t recorded or accessible, the domain remains unverified, and the SSL can’t be installed.
  • Code implementation — An alternative verification method involves inserting a code from the SSL provider into the DNS TXT record of the domain. Issues arise when one person purchases the SSL but doesn’t hand off the correct verification code to the person installing it.
  • Name matching — A wildcard SSL can be used to secure not only a website’s primary domain, but also any subdomains (e.g. shop.domain.com) a client has. If all subdomains aren’t supplied to before installation, it’s a cumbersome process to go back and add them.
  • Key duplication — This is another common issue when a client purchases the SSL. They’ll be prompted to enter their key for the certificate signing request. If the client takes action before handoff to their pro, it can result in a duplicate or expired key.

These are just a few of the most common SSL issues that come up during installation. The main takeaway is that a professional should handle the process, end to end, from purchase to final install.

2. Expiration &renewal errors

Most browsers won’t trust an SSL if it has a lifespan of more than 398 days — so the certificate needs to be renewed before that timeframe runs out. Website owners who are averse to auto-renewal might forget to start shopping for SSLs on day 397, letting the certificate expire. When that happens, you may encounter all the SSL issues we just discussed.

3. HTTPS redirects

Moving a site onto SSL should involve redirecting all the old URLs to those on HTTPS. It can be a problem if the redirected URL isn’t exactly what a visitor types — for example, if a frequent shopper at an ecommerce store has bookmarked domain.com, omitting the www. included in the 301 redirect.

This produces a warning that can result in lost traffic, but the fix is easy enough. A pro should configure the SSL for any variations or subdomains of the website address.

4. Google sitemapping

SSL issues with the sitemap can come up when moving an unencrypted website onto HTTPS. Working through all those redirects makes it easy to forget to update the sitemap with HTTPS prefixes. But it can ding a site’s SEO if Google crawls a sitemap where the pages are still using HTTP.

The old sitemap needs to be downloaded, the links updated to HTTPS with a simple find/replace, and then uploaded back to the website’s root folder. The sooner this gets done, the quicker those URLs get indexed, which means better SEO.

On WordPress, many plugins are available to create sitemaps, and these often can update to HTTPS automatically. Not always, though. If a plugin won’t update the sitemap to HTTPS, the best resource is that developer’s help forum — or just re-creating the sitemap manually.

5. Mixed content warnings

When a web page is set up with SSL, but pulls content — such as an image, iframe or JavaScript — from an unencrypted source, it’ll throw an error when it tries to load. This could be an issue for a pro if, say, they build a site to showcase real estate listings, and then hand the keys over to their client.

If the client adds a listing that pulls in images that aren’t stored on SSL, it would be very bad for business. Every link to the listing they tried to publish would display an error, rather than images of a gorgeous mid-century modern property their photographer shared from an unencrypted database.

Closing thoughts on SSL issues

With the importance search engines now place on SSL, it's too easy to assume it's already rolled into the process of building a website. But SSL issues can easily eat up a workday. Perhaps the easiest way to avoid hours of troubleshooting is through a turnkey solution like the Managed SSL Service from GoDaddy.

Experienced experts handle installation and maintenance, and are always just a phone call away. It's a small investment for big peace of mind, knowing clients' sites remain encrypted and in good standing when visitors arrive.

Products Used