SSL certificate error: site not secure – fix it now

Advertising

SSL certificate error: site not secure – fix it now

You get a quick, action-packed checklist to stop ad losses and regain visitor trust. I show you how to check expiry, renew and install certificates on cPanel, Nginx, and Apache, fix mixed content, resolve mismatch errors, force HTTPS, clear browser cache, and validate with online checkers. Simple server and browser steps to handle an SSL certificate error: site not secure – fix it now.

Quick checklist to fix SSL certificate error: site not secure – fix it now

If you see “SSL certificate error: site not secure – fix it now”, act fast. First, check the certificate expiration and domain name on the cert — an expired or wrong-domain cert is the usual culprit. Login to your hosting/control panel, find the SSL area, and look for renew, install, or replace buttons. If your cert is from Let’s Encrypt, a quick renewal often fixes it; if it’s paid, contact your Certificate Authority or host.

Make sure the full certificate chain is installed — missing intermediate certificates will break trust in many browsers. Check for mixed content (images or scripts loaded over HTTP) and force HTTPS by redirecting HTTP traffic to HTTPS. Consider HSTS only after the site is stable over HTTPS.

Don’t wait if you run ads or sell things. A broken SSL kills user trust and can drop your ad revenue fast. Keep a backup copy of your working certificate and a simple rollback plan. If you feel stuck, contact your host or developer — a few minutes now can save lost clicks and money.

Check SSL certificate validity online

Use a scanner like SSL Labs, Why No Padlock, or SSL Shopper for a quick health report — they show expiry date, chain issues, and cipher problems. You can also verify in your browser by clicking the padlock near the address bar to see the issuer, valid from/to dates, and whether the domain matches. For a deeper look, use openssl s_client on your server to pull the cert details.

Simple server and browser steps

Server side:

Advertising
  • Restart your web service after installing a new cert (Nginx/Apache) so it picks up the change.
  • Ensure your virtual host is bound to port 443 and points to the right cert files.
  • Update CDN or load balancer certs if you use them.

Browser side:

  • Clear cache and try an incognito window to avoid cached errors.
  • Ensure device date/time are correct — a wrong clock can make a valid cert look expired.
  • If the site works in one browser but not another, note the exact browser error and compare with online checkers.

Stop ad revenue loss fast

If ads stop showing because of an SSL problem, act immediately: temporarily redirect users to a secure landing or maintenance page on HTTPS, contact your ad network to explain the fix is underway, or use a CDN/backup domain with a valid cert to cut revenue loss while you fix the main cert.

How to check if your SSL is expired

Open your site and click the padlock next to the address bar. If the browser shows Not Secure or an SSL certificate error: site not secure – fix it now message, that’s a red flag. Click the padlock, view Certificate or Connection is secure, and check the expiry date.

For more detail, view certificate fields for Not After (expiry), issuer, and whether the chain is complete. Use OpenSSL if you prefer the terminal. Keep a calendar reminder for certificates — an expired cert can pause monetization and traffic.

SSL certificate expired — how to fix

  • Renew the certificate with your CA or via your hosting control panel.
  • For Let’s Encrypt, enable auto-renewal (certs last ~90 days).
  • For paid certs, purchase renewal and upload the new cert plus any intermediates.
  • After installation, restart your server/CDN, verify the expiry date, check the chain, and run an online scan.

Use online tools to view expiry date

Tools: SSL Labs, SSL Shopper, Why No Padlock, and certificate logs like crt.sh. They show the Not After date, issuer, and server configuration.

Renew before your ads stop

Ad networks often hide ads on sites with Not Secure warnings. Set up auto-renewal or a calendar alert today to avoid revenue pauses.

How to install SSL certificate on website

Steps:

  • Generate a CSR (Certificate Signing Request) on your server, keep the private key safe.
  • Request a cert from Let’s Encrypt or a paid provider and complete domain validation.
  • Upload the issued cert files and any intermediate chain to your server.
  • Force HTTPS so visitors always use the secure site.

If you see “SSL certificate error: site not secure – fix it now”, re-check certificate files, confirm DNS and virtual host settings, and reissue the certificate if the private key changed. Small mistakes (wrong file, forgetting to restart) are common and quick to fix.

Install SSL certificate on website — steps

  • Generate a CSR with correct domain names (use SANs for multiple hosts).
  • Submit CSR to CA and complete validation.
  • Download cert intermediate files, upload to the server, configure server to use them.
  • Redirect HTTP → HTTPS, test for mixed content, and set up auto-renewal if possible.

Common server setups: cPanel, Nginx, Apache

  • cPanel: SSL/TLS → Install and Manage SSL, paste the certificate, private key, and CABUNDLE, then Install.
  • Nginx: place .crt and .key in /etc/ssl (or similar), set sslcertificate and sslcertificate_key in the server block, then reload Nginx.
  • Apache: enable SSL module, set SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile if needed, then restart Apache.

Validate installation with a checker

Use SSL Labs or Why No Padlock to test for chain issues, expired certs, TLS problems, and mixed content. If the tool flags “SSL certificate error: site not secure – fix it now”, follow its suggestions (usually missing intermediates, wrong hostname, or expired files) and recheck.

Renew SSL certificate — guide for beginners

Think of an SSL certificate like a passport for your site: when it expires visitors get turned away. If you see SSL certificate error: site not secure – fix it now, renew, test, and deploy the new certificate so your HTTPS lock returns.

Start by checking where your certificate came from and when it expires. If your host manages SSL, you may only need to click renew; if you manage the server, handle key pairs, CSRs, and installs. Back up keys/configs before changes and make small verifiable steps: request the new cert, install it, then test.

Renew SSL certificate guide — steps

  • Identify your certificate type and authority (Let’s Encrypt, paid CA, or managed SSL).
  • Generate a CSR and keep the private key secure.
  • Submit CSR or use an ACME client to request a cert.
  • Install the new cert and restart the server. Test with curl or an SSL checker.
  • If browser still shows warnings, clear cached HSTS/cert data or revert to backup and retry.

Automated renewal with Let’s Encrypt

Use Certbot or another ACME client to automate renewals. Configure post-renew hooks to reload Nginx/Apache. Do a –dry-run to confirm everything works and set cron/systemd timers for regular checks.

Schedule renewals to avoid downtime

Create a cron job or systemd timer, include –dry-run tests, and pair with monitoring alerts so you get notified before expiry. Test monthly.

Fix mixed content causing site not secure

Mixed content occurs when an HTTPS page loads resources over HTTP. That breaks the lock and can block ads/payment widgets.

Fix it by:

  • Backing up site and DB.
  • Searching for hardcoded http:// links and replacing with https:// or protocol-relative URLs.
  • Updating theme files and plugins; host vendor resources locally if they only serve HTTP.
  • Clearing caches and retesting.

If you see SSL certificate error: site not secure – fix it now, mixed content is often the issue.

Find mixed content with browser console

Open DevTools (F12) → Console, reload the page, and look for Mixed Content or blocked resource messages. The Network tab shows which requests used http://.

Replace HTTP links with HTTPS

Run a safe site-wide search-and-replace, use plugins/scripts that respect serialized data, and keep your backup. For non-HTTPS resources, host locally or remove the resource. Add server-level 301 redirects from HTTP to HTTPS.

Tools to scan for mixed content

Use Why No Padlock, SSL Labs, Screaming Frog, or Sitebulb. Browser extensions and CMS plugins can also help.

Fix SSL certificate mismatch error fast

A mismatch means the certificate does not list the hostname being visited. Check the certificate’s CN and SAN entries — the hostname must appear there (www vs non‑www, subdomains, etc.). If not, reissue or buy the correct certificate (single-domain, wildcard, or multi‑domain/SAN).

Steps:

  • Check domain names in CN/SAN.
  • Reissue or purchase the correct cert and install it.
  • Correct hostname typos and CDN/proxy settings (watch Cloudflare Flexible mode).

Common mistakes: missing www, using an IP address, wildcard at wrong level, or forgetting a subdomain.

Site not secure Chrome fix for your visitors

Chrome shows clear messages like “Your connection is not private” and errors such as NET::ERRCERTDATEINVALID or NET::ERRCERTCOMMONNAME_INVALID. It checks expiry, domain, and the chain.

As a visitor: check device clock, try another network, clear cache. Don’t enter passwords on a site showing warnings.

As an admin: renew expired certs, install the full chain, fix CN/SAN issues, enable auto-renewal, test with SSL Labs, fix mixed content, and deploy redirects. Only enable HSTS once everything is reliably HTTPS.

Clear browser cache and HSTS notes

Clear cache (CtrlShiftDel) and manage HSTS at chrome://net-internals/#hsts. To remove HSTS from the site, send Strict-Transport-Security: max-age=0 before re-enabling it properly.

Force HTTPS redirect to fix site not secure

Force HTTPS with server-side redirects (301) so visitors land on the secure site automatically. After redirecting, check for mixed content — leftover HTTP resources will keep the page flagged as insecure.

Server redirect rules for Apache and Nginx

  • Apache: add a rewrite rule in .htaccess or virtual host to redirect HTTP to HTTPS (301).
  • Nginx: create a server block on port 80 that returns a 301 to the https:// version, preserving query strings.

Test redirects to avoid loops.

Use HSTS carefully to secure your site

HSTS forces browsers to use HTTPS for a set time. Start with a short max-age, test, then increase. Beware of includeSubDomains and preload — those are permanent decisions.

Test redirects to avoid redirect loops

Use a browser and curl to confirm no redirect loops. Loops often appear when server and app both redirect or checks misfire.

How SSL errors hurt your monetization

Security warnings cause visitors to leave immediately — fewer clicks, less time on page, and lost ad views. Ad networks and payment processors may lower bids, throttle fills, or put holds on payouts. Fixing the certificate late costs more than the renewal: lost revenue, support time, and rebuilding trust.

Ad networks and payment trust risks

Ad networks mark risky inventory and may suspend accounts. Payment processors can stall checkouts if insecure pages are detected. A single SSL lapse can freeze payouts until proved secure.

SEO and traffic losses from site not secure

Browsers label insecure or broken-SSL pages Not Secure and users avoid them. Google prefers secure sites; broken SSL leads to ranking drops and less visibility.

Quick monetization recovery checklist

If you get an alert like “SSL certificate error: site not secure – fix it now”, do this:

  • Buy or renew a trusted SSL certificate.
  • Install it and ensure full chain is present.
  • Force HTTPS with 301 redirects.
  • Fix mixed-content errors and update CDN/ad tags to HTTPS.
  • Clear caches and verify intermediate certs.
  • Run an SSL test.
  • Contact ad networks/payment processors to request payout and review.

If you follow these steps, you’ll stop the warning, restore trust, and recover revenue quickly. Remember: treat SSL certificate error: site not secure – fix it now as an urgent fix — it’s often a few minutes of work for a big payoff.