My domain gets error stating SSL certificate is not trusted

I tried implementing https on my domain. I keep getting an error stating my connection is not private. At first I generated everything in openSSL for windows by following the instrcutions here https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

When that did not work,I decided to generate the private key and csr in you ssl manager then proceeded to create a certificate in openSSL. However, I still get the same error. What am I doing wrong?

Did you follow the tutorial to generate the certificate? Because the tutorial clearly says the certificate is “self-signed”, meaning it’s not trusted. An SSL certificate is trusted if it’s generated by a trusted SSL certificate provider, meaning a self signed certificate can never be a trusted certificate. You’ll need to get a certificate from a certificate provider like StartSSL.

I see, apologies, I am a bit new at this so I didn’t know what self signed meant. I have tried using StartSSL to get a certificate butnI can’t get past the domain verification because i don’t know which of the following email to choose.
abuse@infinityfree.net
postmaster@epizy.com
hostmaster@epizy.com
webmaster@epizy.com
postmaster@travelbuddy.epizy.com
hostmaster@travelbuddy.epizy.com
webmaster@travelbuddy.epizy.com

@youre77 said:
I see, apologies, I am a bit new at this so I didn’t know what self signed meant. I have tried using StartSSL to get a certificate butnI can’t get past the domain verification because i don’t know which of the following email to choose.

Well, StartSSL is going to send a verification e-mail to the address you select there, so you need to make sure it’s an address you have access to. Which e-mail addresses do you think you could receive the verification e-mail on?

Hmm, my guess would be either one of these three
postmaster@travelbuddy.epizy.com
hostmaster@travelbuddy.epizy.com
webmaster@travelbuddy.epizy.com
since they have my domain on it. But how do I access it? I tried the webmail feature in the control panel but none of them seem to work. Am I wrong?

@youre77 said:
Hmm, my guess would be either one of these three
postmaster@travelbuddy.epizy.com
hostmaster@travelbuddy.epizy.com
webmaster@travelbuddy.epizy.com
since they have my domain on it. But how do I access it? I tried the webmail feature in the control panel but none of them seem to work. Am I wrong?

Well, you’re right about the first part. But can you please explain what doesn’t work about the webmail? Are you unable to receive any e-mail with it, unable to receive e-mail from StartSSL specifically or unable to sign in?

Glad to know I was right about something :slight_smile: To further elaborate my question about the webmail, essentially I am asking how can I login to the email address of my domain? I am not sure where I am supposed to go.

@youre77 said:
Glad to know I was right about something :slight_smile: To further elaborate my question about the webmail, essentially I am asking how can I login to the email address of my domain? I am not sure where I am supposed to go.

You can create e-mail accounts and set the password through your control panel. A link to the webmail login page is available there as well.

It worked! Thanks a lot!

Hi, I just uploaded my certificate a few hours ago, and so far the responsenI get is still saying my certificate is not trusted. How long do I have to wait before the certificate takes effect? Also, I checked my url on ssllabs and so far I got a B rating. I am just wonderingnif that has anything to do with my connection not being trusted

@youre77 said:
Hi, I just uploaded my certificate a few hours ago, and so far the responsenI get is still saying my certificate is not trusted. How long do I have to wait before the certificate takes effect? Also, I checked my url on ssllabs and so far I got a B rating. I am just wonderingnif that has anything to do with my connection not being trusted

A B rating is fine, if it’s not a trusted certificate it would be a straight F. More likely, it’s a caching issue. Browsers (notably Google Chrome) tend to cache certificate details, so you’ll just need to wait a while for it to recheck the certificate, after which it should show as valid.

If you uploaded an invalid certificate, it would have been rejected right away when trying to install it.

It’s been more than a day now but when I try to access the link I still get an invalid certificate error. Should I wait longer? Or did I do something wrong?

@youre77 said:
It’s been more than a day now but when I try to access the link I still get an invalid certificate error. Should I wait longer? Or did I do something wrong?

Again, if the certificate actually was invalid, you wouldn’t have been able to install it. If an SSL checker says your certificate was installed OK, there is nothing else you can do. Just wait (or try with a different browser) for the problem to be solved.

I tried accessing my domain through chromium and the ‘Not Trusted’ message doesn’t appear there. Thanks for the help. One last question though, the server we use here is an apache server right?

@youre77 said:
I tried accessing my domain through chromium and the ‘Not Trusted’ message doesn’t appear there. Thanks for the help. One last question though, the server we use here is an apache server right?

Yes and no. Websites are loaded through Apache for .htaccess support, the content is served by nginx to the end user (nginx is faster and uses less server power).

OK, thanks again