What type of security certificate do I need for my website?
When people use the https to go to my website they are told it is not secure and are redirected to another site. What type of security certificate do I need to resolve this issue and where do I purchase one?
As you want to create the trust with your website user, you only need SSL certification. Later you need PCA certificate for self hosted payment method. you can refer more with Google.com site requirements
The possible reason you are finding the error due to the wrong SSL certificate information feeds into the website. I guess your developers developed the website ahia.org (or this company's other websites) in past and they use the same code to develop to build your website and that the reason the error is coming.
You can take following steps:
- Ask your development team whether they've developed ahia.org or this company's other website.
- Talk to Godaddy server team and cross check with them is your website got any virus or malware infection. And ask them to run antivirus on the server, just for safety.
- Then apply for SSL certificate.
- Hire a new development team to execute this SSL certificate aspect. This will help you to cross check your current development teams overall work.
- Change all your passwords. (admin, cpanel etc)
- Remove all ftp logins, create new and also if possible change the database user name password.
- Secure your website.
- Once implement the SSL then verify/test again.
Looks like your site is just membership so protecting standard user info.
Go to NameCheap and purchase an SSL certificate first for Your domain. The best premium is EV SSL which means you have a GREEN bar showing up on your "http" link, which tells users, this is a really legit biz
that's a place to start
Hi Amber, the certification might not have been properly installed or it expired as Chris Sabanty mentioned. A couple other things... the certificate could be under www.amberslists.com and not amberslists.com or vice versa (either www or not). Or parts of the custom system may not be linked to the https:// (such as images, scripts, etc.) which also sometimes throws errors.
I took a quick look and there is the message, "This server could not prove that it is www.amberslists.com; its security certificate is from ahia.org". So my guess is that the certificate was not set up, or was not set up properly. Also, if you try to go to http://amberslist.com, the site does not come up, which also means there's a problem with the domain that needs to be sorted. The site should come up whether you put in www or not.
There are several misconfigurations that could've happened here. The webserver that's responding with requests to https://www.amberlists.com is returning an SSL certificate for the domain ahia.org instead of amberlists.com. When your browser encounters this, it will warn you about the discrepancy and depending on the server configuration could possibly be sending a redirect to your browser, though I'm not experiencing that myself.
While your specific scenario may require some extra steps (i.e. dedicated IP address, Server Name Indication, etc.) your webhost should be able to resolve this for you if your developer can not.