This site uses cookies and other tracking technologies to make possible your usage of the website, assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide better user experience.

By using the website, you agree to our Privacy policy

Accept and continue

Report a bug

Cancel
37
How-to 9 min read October 2, 2019

How to check the validity of an SSL domain certificate

SSL certificates are a way of protecting personal data that users leave on a website. When a web resource switches to HTTPS, it is necessary to sequentially configure an SSL certificate on the server and check it for validity.

What is an SSL certificate and why is it necessary

Users often specify personal data on websites, that is, account passwords, email addresses, phone numbers. In addition, the number of web resources that make it possible to make an online purchase is increasing — online stores, banks, ticketing services, and other commercial projects.

During transactions, users specify the credentials of their payment cards. Sometimes attackers try to intercept information from the closed part of a website.
SSL-certificate provides data transfer via a secure protocol which is a set of rules for the browser and server. The exchange of information between the web resource and the browser is safe, as it takes place through a secure channel.
Confidential user information is transmitted in encrypted form with the respective digital signature of the certificate.

A reliable website should be credible providing conditions for the protection of personal data of customers both in e-commerce and on resources for communication and exchange of information. An SSL certificate is a way to protect users' personal data on any website.
Your connection is not secure

How to identify a secure website

A website that uses a secure connection protocol usually has a lock icon in the address bar of the browser. It may also indicate "Secure" or the name of the company that the web resource represents. Upon receipt of an SSL certificate, the site extension changes from HTTP to HTTPS.
Secure HTTPS Website
In the address bar of sites with the standard HTTP protocol, the status is usually indicated as "Not secure".
Site without SSL certificate
If a website with the HTTPS protocol uses an invalid certificate (for example, an expired one) or contains mixed content (for example, downloads scripts via HTTP), the browser may block its download, paying attention to an insecure connection.

How to choose an SSL certificate

Paid or free SSL certificate

The first step is to determine the type of Internet resource and the level of information security control required for it.

If a payment system is connected to a website and a user entrusts their bank card credentials to it, you should buy an SSL certificate with advanced verification. Besides, the service provider must be reliable.

A free SSL certificate, for example, from Let's Encrypt, may be suitable for an information resource, blog, or business card website.

Certificate types by validation level

SSL certificates can be divided into three categories. Each of them determines the conditions for the transition to the HTTPS protocol, as well as the timing of the document issue.
1
Domain validation (DV). To get an SSL certificate for a domain, simply verify your ownership of it. After that, a letter with a link and a code arrives at the email address within a day.
2
Organization validation (OV). The domain name must be associated with an officially registered company. In addition to the email address, you must specify other contact details for verification.
3
Extended Validation (EV). Such a certificate requires not only official registration of the company but also compliance with international standards in the field of finance.

The result of a successful extended validation will be the display of the company name in the address bar of the browser. Issuing such a certificate usually takes several days.

Certificate types by domain count

In addition to securing a specific website, for example, www.mysite.com, you can get one SSL certificate for several domains: www.mysite1.com, mysite2.com, mysite.biz, etc.

The maximum number of domains that a single multi-domain certificate (MDC) protects depends on the provider. For example, it can be 100 or 250 websites. Often the configured limit can be increased at an additional cost.

How to install an SSL certificate on a domain

Typically, installing a certificate includes three main stages: requesting a certificate, receiving files from an SSL provider by e-mail and setting up a certificate on a hosting.

Certificate signing request

Certificate Signing Request or a CSR request is a file with information about the domain and the company for which the certificate is required. The file also contains a public key. When filling out data in a file or form of the service generating the request, it is important to be careful and double-check the information before submitting it.

Getting files for certificate setup

After SSL is activated, the certification authority sends the necessary files to the applicant's email. They need to be saved on a PC for future work.

Installing a certificate on the hosting

Using the data to access the hosting, you should install the SSL certificate on the domain. This can be done through the hosting toolbar, website admin panel or a command line.

The certificate is often configured on the hosting by filling out a special form, or uploading key files and sending them for verification. You can also work with files with the extension .crt in the section responsible for SSL settings.

Some providers offer a one-click certificate request. In this case, it is enough for the website owner to order and pay for the service; the hosting provider will do the rest for them.

How to check the validity of SSL certificates

Validation of the SSL certificate is the final step after it is installed on the server. There are several ways to do this.

Online services

In an online service, in order to analyze the correct operation of SSL certificates, you need to enter the website URL and start the validation process. Ssl4less or Sslshopper are suitable tools for online validation testing.

As a result of testing, several blocks will be displayed that indicate the compatibility of the certificate with browsers, its validity period, and also help to identify errors in its operation.
Online SSL certificate verification and evaluation

Google Chrome Browser

When you click on the lock in the address bar of the web page, a drop-down list appears, among which there is the string "Certificates" and the corresponding status, for example, "valid". You can also address the console using the key combination Ctrl + Shift + I and select the Security tab.

What to do if the SSL certificate is invalid

Errors may occur when checking the installed certificate for validity. Let's consider the main problems and ways to solve them.
1
The certificate has expired.

Solution: Tracking certificate validity and timely replacement.
SSL certificate validity period
2
The certificate is incompatible with the browser.

Solution: The browser must support the Server name indication. Browsers generally support SNI. If such a problem occurs, you need to update your browser or configure a dedicated IP address.
3
The domain in the SSL certificate does not match the website name in the address bar. For example, in the certificate the host is indicated with the prefix "www" (for www.mysite.com), and you cannot get to mysite.com.

Solution: List all hostnames that are related to this Internet project in the certificate.
4
Obstacles to crawling and indexing a website on HTTPS.

Solution: Analyze the robots.txt file; it should not block the website's scanning for HTTPS, and the number of noindex tags should be minimized.
5
The content of the HTTP and HTTPS pages is different.

Solution: Track and make sure that the content of such pages is identical.

Conclusion

Configuring an SSL certificate and checking its validity are ways to increase the website reliability. A web resource with the HTTPS protocol has higher ranking perspectives, and a domain certificate is an important condition for the optimization of any website.
This article is a part of Serpstat's "Site Audit" tool
SEO Audit in Serpstat
Audit all the site or page in one click. A complete list of errors, sorted by severity, ways to resolve them and recommendations. Any frequency of verification and automatic email reports.
Run Site Audit

Learn how to get the most out of Serpstat

Want to get a personal demo, trial period or bunch of successful use cases?

Send a request and our expert will contact you ;)

Rate the article on a five-point scale

The article has already been rated by 0 people on average out of 5
Found an error? Select it and press Ctrl + Enter to tell us

Share this article with your friends

Sign In Free Sign Up

You’ve reached your query limit.

Or email
Forgot password?
Or email
Back To Login

Don’t worry! Just fill in your email and we’ll send over your password.

Are you sure?

Awesome!

To complete your registration you need to enter your phone number

Back

We sent confirmation code to your phone number

Your phone Resend code Queries left

Something went wrong.

Contact our support team
Or confirm the registration using the Telegram bot Follow this link
Please pick the project to work on

Personal demonstration

Serpstat is all about saving time, and we want to save yours! One of our specialists will contact you and discuss options going forward.

These may include a personal demonstration, a trial period, comprehensive training articles & webinar recordings, and custom advice from a Serpstat specialist. It is our goal to make you feel comfortable while using Serpstat.

Name

Email

Phone

We are glad of your comment
Upgrade your plan

Upgrade your plan

Export is not available for your account. Please upgrade to Lite or higher to get access to the tool. Learn more

Sign Up Free

Спасибо, мы с вами свяжемся в ближайшее время

Invite
View Editing

E-mail
Message
Optional
E-mail
Message
Optional

You have run out of limits

You have reached the limit for the number of created projects. You cannot create new projects unless you increase the limits or delete existing projects.

I want more limits