There are actually many reasons why this could be happening, some of which could be entirely unrelated to your certificate. So, unfortunately, we can’t give specific advice. But, we would recommend clicking on the “Details” button to get more specific information about this error from the browser.

There are several reasons why this could be occurring or a combination of several. The four most common reasons are:

1. Insecure content, which means there are HTML elements on your site being explicitly linked by http. This would need to be updated via your system administrator.
2. Missing or invalid intermediate chain. Your certificate is issued from an intermediate file. Make sure that you install this alongside your certificate on your server. If you do not have this file please contact your SSL provider.
3. Your certificate is issued with the SHA-1 hashing algorithm. Browsers no longer trust this algorithm. You will need to reissue with SHA-2.
4. It is the incorrect certificate. Sometimes your old expired certificate or a certificate provided by your hosting company or a self-signed certificate is installed on your site. You will need to identify the source of the incorrect certificate and contact that party to resolve the issue.

Yes, you must have a static IP address for an SSL certificate. If you do not have one, you may be able to assign one via your webserver or you may need to purchase one from your web host if you own/operate your webserver (usually only a few dollars a month).

The issue is that your visitors’ browsers are unable to properly identify who issued your certificate. First, confirm that your visitors are not seeing an incorrect or outdated certificate. Once you have made sure that your visitors are seeing the correct certificate, the issue is most likely solved by installing the intermediate certificates.

Below are the links that you can use to download your intermediate certificate from the vendor website:

• https://knowledge.digicert.com/generalinformation/INFO4331.html
• https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1421
• https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1384
• https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548
• https://support.comodo.com/index.php?/Default/Knowledgebase/List/Index/108/sha-2

First, check your certificate license. There are two methods to install your certificate on multiple servers. The first method is to import the certificate, private key, and intermediate files on server #2, #3, etc. Or, create a new CSR and key file on server #2, #3, etc. and reissue the active certificate.

When the certificate is issued, the Certificate Authority (CA) will send an email to the Technical Contact listed on the order. That email will contain the certificate files.

For all technical support matters regarding your SSL certificate, you can contact your SSL provider, if needed. The CA does not provide direct support, but we will be able to help you right away, as we are more specialized. However, you can contact the CA directly for questions and support related to the actual validation process of the SSL certificate.

If you have the original private key on the active certificate, you can install it on the new server or provide it to your new web host. If you do not have the original private key, you will have to reissue your certificate with a new CSR.

You will need to cancel & reorder your certificate and generate a new CSR with the correct common name.

You can add additional domains to an active certificate by reissuing it.