SSL certificates on websites are mainly used to provide a secure connection for online transactions. First, the user’s browser will verify the validity of the SSL certification and if it is okay, the connection continues as secure. But if a server is pretending to be on HTTPS, and its SSL certificate doesn’t match, then the common SSL issues start to arise and most modern browsers will give the user a warning from connecting to the website.
SSL connection errors occur when an SSL enabled website trying to make a secure connection with the server. Based on the type of the connection error the browser experience, it may display a message such as “This Connection is Untrusted”, “The site’s security certificate is not trusted” or “Your Connection is not private”. It is evident that the message ‘Not Secure’ label in the browser’s address bar will give a bad impression on your customers and such SSL issues to be fixed on priority.
Adding SSL to WordPress may sometimes cause unexpected problems. If you encounter problems when adding SSL to an already running WordPress site, this article will introduce how to fix common SSL/HTTPs problems in WordPress. Let’s take a look at some common SSL/HTTPS problems in WordPress and how to fix them.
1. Fix NET :: ERR_CERT_INVALID error
This error message will appear in Google Chrome. There may be some differences in the messages when other browsers display this error, but basically it is not safe to warn users of their connection to your website.
This error message indicates that the user’s browser does not accept the certificate provided by the website, which may be caused by the following reasons:
- SSL certificates are issued to other domain names or subdomains.
- The certificate has expired.
- The web browser does not identify the certification authority.
If the certificate was purchased and installed by the WordPress hosting service provider, then contact them to fix it. If the certificate was installed manually, try to reinstall the certificate or contact the SSL certificate issuer for support on how to SSL problems.
2. Fix WordPress mixed content error after adding SSL / HTTPS
Mixed content errors are caused by file sources (such as pictures, scripts, or style files) still being loaded using the HTTP protocol. If this is the case, a lock icon will be displayed in the browser address bar, with an exclamation mark.
There are two ways to solve SSL / HTTPS mixed content errors in WordPress.
- Use plug-ins to fix mixed content errors
This method is relatively simple, Just install and enable Really Simple SSL plugin.
After enabling the plugin, go to the “Settings”-“SSL” page to view the settings of the plugin. Really Simple SSL does not require any configuration. When enabled, it automatically handles SSL / HTTPS settings and fixes mixed content errors.
Note: The plugin attempts to use output buffering technology to fix mixed content errors, which may have a negative impact on the website. However, if when using a cache plugin, it will only affect the loading of the first page.
3) Manually fix WordPress mixed content errors
This method requires manual troubleshooting, but it is more effective and has better performance. First, confirm that HTTPS is been used in the WordPress settings. Go to the “Settings”- “General” page and make sure that both the WordPress address and the site address are HTTPS addresses.
If the URL address still starts with HTTP, change it to HTTPS. Remember to click save changes after making changes.
Next, find the old HTTP addresses in the WordPress database and replace them with new HTTPS addresses. Install the Better Search Replace plugin. After enabling the plugin, visit the “Tools”-“Better Search Replace” page, enter the URL beginning with http in the “Search” box, and enter the URL beginning with https in the “Replace” box, then the plugin will automatically update the URL in the database address.
If you are still seeing mixed content errors, then we should consider manually inspecting the web page to locate mixed content errors as seen below, and then change http to https from the theme code.
If you are unable to locate the mixed content errors yourself, then you should better consider reaching out to theme developers and for updating the theme.
4. Fix Too Many Redirects error after adding SSL / HTTPS
WordPress allows users to force SSL / HTTPS to the management page by adding the following code in wp-config.php.
define ('FORCE_SSL_ADMIN', true);
However, sometimes this setting can cause “Too Many Redirects” errors. To fix this problem, add the following code in wp-config.php.
define ('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http, https
// so check for https existence
if (strpos ($ _ SERVER ['HTTP_X_FORWARDED_PROTO'], 'https')! == false)
$ _SERVER ['HTTPS'] = 'on';
4. Fix HTTP to HTTPS redirect in WordPress
By default, WordPress will not automatically redirect HTTP to HTTPS. When using a plugin like Really Simple SSL, the plugin will automatically handle the redirection, otherwise, it is needed to be done manually to establish a redirect from HTTP to HTTPS, the following code needs to be added to the .htaccess file.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond% {HTTPS} off
RewriteRule ^ (. *) $ Https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301]
</ IfModule>
If you run into any trouble while implementing the certificate, just follow the ways mentioned in this article. You can easily fix all the SSL issues and keep your website running perfectly.