A valid and signed security certificate for websites is required when a website uses the HTTPS protocol. Websites that use a secure connection, https://, are required to install a security certificate to ensure the connection will provide encryption of the contents during transmission of data and a secure identification of the website. Examples of websites that use security certificates for accessing the pages or using the services are:
- Secure web-based email such as Google Mail, Windows Live or Hotmail, or Yahoo! Mail.
- Online shopping stores or websites used for payment transactions using credit card, debit card, PayPal, etc.
- Website or forums that simply want to use https:// to show that their connection to the website or forum is using an encrypted connection and has secured a security certificate from security certification authorities.
- Some blog providers are also using secure protocol for their members to use
- Even Social Networking services such as Facebook or LinkedIn are using https:// protocol for members to sign-in using an encrypted connection.
If you try navigating to such websites that have a certification problem, the connection is blocked in IE and the following message might be displayed:
There is a problem with this website's security certificate.
- The security certificate presented by this website was not issued by a trusted certificate authority.
- The security certificate presented by this website has expired or is not yet valid.
- The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
- Click here to close this webpage.
- Continue to this website (not recommended).
Other security certification problems that IE might display are as follows:
- This website’s security certificate has been revoked
- This website’s address does not match the address in the security certificate
- This website’s security certificate is out of date
- This website’s security certificate is not from a trusted source
- Internet Explorer has found a problem with this website’s security certificate
What to do if Internet Explorer blocks a secure webpage and displays any of the above-mentioned certification errors?
There is no method to turn off security certificate checking in Internet Explorer browser but there is an option to stop Internet Explorer for checking the server certificate revocation. It is not recommended to uncheck that option in IE settings unless you received such instruction from your organization like this one from University of South Carolina.
You cannot correct a certification error by adding the website address to the trusted zone of IE. You can either proceed to visiting the website by clicking continue, or you can close the webpage. You should continue visiting such a webpage only if you trust the website owner, e.g. the website is using an https:// connection, but only their trusted users are aware of the said connection. Do not continue visiting a webpage with security certificate problems in Internet Explorer 7 unless you know it’s only an error. Certification warnings in IE or any browser are displayed because of security issues that it detected. It can pose a great problem for your personal information and your computer as well. Some fraudulent websites or websites that distribute rogue or fake antivirus programs that will steal your money and personal information will try to use https:// protocol using fake, tampered, or outdated certificates that are not assigned to them. This is a trick by the bad guys that has phished victims.
If a trusted website or blog displays a certificate error in IE7, you can help by contacting the owner or webmaster. They may have forgotten to renew their security certificate, or it was tampered with, or the certificate is not installed on the server properly.