Troubleshooting SSL Certificate Errors
SSL errors can prevent visitors from reaching your website or trigger browser security warnings that damage trust. This article covers the most common SSL errors on Unisolva hosting and how to resolve each one.
Error: "Your connection is not private" / NET::ERR_CERT_INVALID
This browser error means the SSL certificate for your domain is missing, expired, or does not match the domain being accessed.
Cause 1 - No SSL certificate issued yet
If you recently added the domain or subdomain, AutoSSL may not have run yet.
- Log in to cPanel at yourdomain.com/cpanel
- Go to Security > SSL/TLS Status
- Find your domain in the list - if it shows No Certificate or Pending, click Run AutoSSL at the top
- Wait 5–10 minutes and check again - if AutoSSL succeeds, the padlock appears automatically
Cause 2 - Domain not pointing to the server
AutoSSL can only issue a certificate if the domain resolves to your server's IP address. If your domain's DNS is not yet pointing to Unisolva, AutoSSL will fail.
- Check that your domain's nameservers are set to ns1.totalsolvex.com / ns2.totalsolvex.com
- Verify at whatsmydns.net that the domain's A record resolves to your Unisolva server IP
- Once DNS is correct and propagated, run AutoSSL again in cPanel > SSL/TLS Status
Cause 3 - Certificate is expired
AutoSSL renews certificates automatically, but renewal can fail if your domain went offline or DNS changed.
- Go to cPanel > Security > SSL/TLS Status
- Click Run AutoSSL to trigger an immediate renewal attempt
- If AutoSSL fails again, check the AutoSSL log at cPanel > SSL/TLS Status > View AutoSSL Logs for the specific error
- Open a support ticket at my.unisolva.com with the error message - the team can diagnose and resolve renewal failures
Error: "Mixed Content" or Partial Padlock
Your SSL certificate is valid, but some resources on the page (images, scripts, stylesheets) are still loading over http:// instead of https://.
- Open your browser developer tools (F12 or right-click > Inspect > Console tab)
- Look for "Mixed Content" warnings showing which resources are loading over http://
- For WordPress sites, install the Really Simple SSL plugin or use Better Search Replace to update all http:// references in your database to https://
- For non-WordPress sites, update all hardcoded http:// URLs in your HTML, CSS, and JavaScript files to https://
- Clear your SpeedyCache Pro cache after making changes
|
???? Tip If the mixed content is coming from a third-party embed (map, widget, video), contact the provider - it is their resource that needs to be served over https://. |
Error: "SSL Certificate Does Not Match Domain" / ERR_CERT_COMMON_NAME_INVALID
The SSL certificate installed does not cover the domain you are visiting. This often happens with www vs. non-www mismatches.
- Check that your domain is listed under SSL/TLS Status in cPanel - look for both yourdomain.com and www.yourdomain.com
- If www is missing, go to cPanel > Domains and ensure www is set up as a subdomain or alias
- Run AutoSSL to issue a certificate that covers both the root domain and www
- If you are visiting a subdomain (e.g. blog.yourdomain.com), confirm the subdomain exists in cPanel > Subdomains and has an SSL certificate listed in SSL/TLS Status
Error:"Too Many Redirects" After Enabling HTTPS
After forcing HTTPS, your site enters an infinite redirect loop. This is usually caused by a conflict between the HTTPS redirect in .htaccess and WordPress's own settings, or a caching issue.
- Check that both WordPress Address and Site Address in WordPress > Settings > General start with https://
- If you have a redirect in .htaccess and also the cPanel Force HTTPS Redirect enabled, try disabling one to avoid double-redirect conflicts
- Clear all caches: SpeedyCache Pro cache, any server-side cache, and your browser cache
- If behind Cloudflare, ensure Cloudflare's SSL mode is set to Full (Strict) - not Flexible. Flexible mode causes redirect loops with server-side HTTPS enforcement.
|
⚠️ Warning If your site becomes completely inaccessible due to a redirect loop, disable the HTTPS redirect in cPanel (Domains > Force HTTPS Redirect > OFF) to restore access, then diagnose the root cause before re-enabling. |
AutoSSL Keeps Failing - Advanced Troubleshooting
- In cPanel, go to Security > SSL/TLS Status and click View AutoSSL Logs
- Look for error messages - common ones include:
- "The system failed to acquire a signed certificate - DCV (Domain Control Validation) failed" - your domain's A record is not pointing to this server or the domain is not publicly accessible
- "Rate limit exceeded" - Let's Encrypt limits certificate issuance per domain per week. If you have run AutoSSL many times in rapid succession, wait 7 days.
- "CAA record prevents issuance" - a CAA DNS record is restricting which CAs can issue certificates for your domain. Update the CAA record in cPanel's Zone Editor to allow Let's Encrypt.
- If you cannot resolve the issue from the logs, open a support ticket at my.unisolva.com and include the AutoSSL log output - the team will diagnose and fix it
Quick Reference - SSL Error Checklist
- No padlock at all → Run AutoSSL in cPanel > SSL/TLS Status
- AutoSSL failing → check DNS is pointing to Unisolva server, then check AutoSSL logs
- Partial padlock / mixed content → update http:// resources to https:// in WordPress database or code
- Certificate mismatch → verify www subdomain exists and has SSL coverage
- Too many redirects → check WordPress URL settings, disable double redirects, set Cloudflare to Full Strict
Related Articles
- How SSL Certificates Work on Unisolva Hosting (AutoSSL)
- How to Force HTTPS on Your Website
- How to Manage DNS Records in cPanel (Domains & DNS category)
- Common WordPress Errors and How to Fix Them (WordPress category)
