About certificate errors
Windows 7 More
Here are answers to some common questions about certificate errors.
Why do certificate errors occur?
Certificate errors occur when there's a problem with a certificate or a web server's use of the certificate. A website's certificate identifies the web server and it enables Internet Explorer to establish a secure connection with the site. Internet Explorer can help keep your information more secure by warning you about certificate errors.
How do I know there is a certificate error?
Usually, a blocking page will appear that will warn you about the problem with the certificate. If you choose to ignore the error and continue, the Address bar will turn red and the message Certificate Error will appear in the Security Status bar (next to the Address bar).
Can I go to a website that has a certificate warning?
Yes. While this isn't recommended, you can click Continue to this website (not recommended) on the certificate error blocking page to go to the website. If you ignore the warning page and go to a website that has presented a certificate containing an error, Internet Explorer will remember the certificate while you have your browser open. You can return to the site without receiving another warning for that certificate until Internet Explorer is restarted. However, you will still see the red Address bar and the message Certificate Error in the Security Status bar.
Can I turn off certificate checking?
No, you can't turn off certificate checking in Internet Explorer. If you're receiving certificate errors, it means the website you're visiting is having certificate problems and it doesn't indicate a problem with Internet Explorer.
I'm getting errors on websites I always visit. What should I do?
If you encounter a certificate error at a website you've visited before without errors, it's possible the website is not configured correctly. Try retyping the address you're using. For example, if you're typing the address as https://example.com,
try changing it to https://www.example.com.
It's also possible that the website's certificate has expired and the owner or operator needs to contact the certification authority to renew the certificate to continue using it. This is a website-related problem, and can't be corrected in Internet Explorer. If you're getting errors on a website you've visited successfully, contact the website to report the problem.
Is it ever safe to ignore a certificate warning and continue to a website?
A website's certificate provides identification of the web server. If the certificate has an error, it might indicate that your connection has been intercepted or that the web server is misrepresenting its identity. If you're absolutely positive of the identity of the website, you know that your connection has not been compromised, and you understand the risks, you can choose to go to the website. However, we recommend that you don't ignore a certificate warning.
What about expired certificates? Is it okay to go to a website with an expired certificate?
No, an expired certificate means that the certification authority is no longer reporting on the integrity of the certificate. An expired certificate could be stolen and used by a malicious website.
What do the different certificate errors mean?
The following table contains a list of common certificate errors and information about what they mean.
What it means
This website’s security certificate has been revoked
Don't trust this website. This error message often indicates that the security certificate was obtained or used fraudulently by the website. The encryption key that is specified in the certificate might have been compromised or the user listed in a certificate does not have authority to use it (for example, the company was sold). The certification authority that issued the certificate keeps a list of revoked certificates and that list is checked by Internet Explorer.
This website’s address doesn't match the address in the security certificate
This error indicates that a website is using a digital certificate that was issued to a different web address. This error can also occur if a company owns several websites and uses a certificate that was issued for one web address for another site (for example, for a different department or division). This error should only be ignored if you're confident that the site really is related to the website on the certificate.
This website’s security certificate is out of date
This error occurs when the current date is either before or after the time period during which the certificate is valid. Websites must renew their certificates with a certification authority to stay current. Outdated certificates can be a security risk. After a certificate expires, the certification authority that issued the certificate is no longer responsible for ensuring that the certificate is not misused.
This website’s security certificate isn't from a trusted source
This error occurs when the certificate has been issued by a certification authority that isn't recognized by Internet Explorer. It's unlikely that this error will occur on a legitimate business or banking site. Phishing sites often attempt to use fake certificates that will trigger this error.
Internet Explorer has found a problem with this website’s security certificate
This error occurs when Internet Explorer finds a problem with a security certificate that doesn't fit any other error conditions. The error can potentially occur because a certificate has been corrupted, tampered with, is written in an unknown format, or is unreadable. You shouldn't trust the identity of the site if the certificate has this error.