What is this? Secure Connection Failed Server uses an invalid security certificate.

ssl

We had a customer today put in a ticket about a SSL browser error when connecting to their cpanel.

I am unable to access the cPanel section of the website. When I try it says: Secure Connection Failed 12.123.123.123:2083 uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate is only valid for dwhs211.dwhs.net

(Error code: sec_error_untrusted_issuer)

* This could be a problem with the server’s configuration, or it could be someone trying to impersonate the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.

Then it asks me to add an exception, but when I did it said: “This site attempts to identify itself with invalid information”

Fixing this

First to fix this just go to the bottom of the of the page where you will see a option that says:  Add an exception

Just click that and authorize all requests.

The Reason

We sign our own certs so the browser does not know who has made the cert and gives this error. Our self signed certs are just as secure as any other and work exactly the same. We just do not pay the browser companies to approve our self signed certs because we know they are trusted. Browser companies make their money when people register their SSL certs through them. We do this for all billing connections but for your control panel access it is not needed and you can trust our certs completely.

Basically to not get this error you need to pay to register your SSL with companies like the SSLCA who in turn register the SSL certificate with the browser companies like IE, Firefox, Opera,and Chrome.

This gives confidence to the customer that the SSL cert is safe. If you do not know or trust the company it does mean that the SSL company has verified to some extent that the company is real for you.

More information can be found here: What is SSL? | SSL Wiki