The browser displays a warning about the certificate not being trusted
- Has the certificate been installed correctly?
Has the certificate been installed correctly and is the new certificate visible when clicking on the lock icon? When the domain name or expiration date doesn't match the issued certificate, the installation was not fully successful or the server should be restarted. - Have the root certificates been installed?
Have the root and intermediate certificates been installed? For proper functioning it's required to install the additional root and intermediate certificates together with your own certificate. The root and intermediate certificates are delivered together with the new certificate. It's also possible to download them. Installation manuals are available for the most common server types. - Did you reboot the server?
Did you reboot the (web)server after installation? Quite often it's needed to completely reboot the actual server (not only the service / daemon). - Did you restart the browser?
Did you restart the webbrowser after installation? Browsers do cache sessions, so after installation this cache has to be cleared. This is best done by restarting. Internet Explorer uses a variation on this, the SSL cache can be erased via Menu Extra → Internet Options → tab Content and click on Clear SSL State. While reconnecting the new certificate should be visible. - Are the certificates transferred completely and in the right order by the webbrowser?
When using ISA server or gateway in the network, it is possible the certificate is not transferred correctly. You could check this with our SSL Check by entering the domain name for which the certificate was requested. The SSL Checker provides feedback on the status of all certificates found. The shown certificates should match those received with the delivery of your certificate. If not and when you're using an ISA server or gateway, you could export the Private Key from the server and install the certificate together with the private key and root and intermdiates on the ISA server or gateway for this connection. - Has the certificate been paired to the website / service?
After installation, it's often required to pair the certificate to the service for which it was ordered, like POP, IMAP and SMTP with Exchange. In our manuals on the support pages and in the Knowledgebase you can review if there might be any additional steps to take after installation.
SSLCheck
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues