Checking if your site has an SSL certificate is pretty straightforward but there are a few things to keep in mind.
Sometimes a website has an SSL certificate active and working, however the browser shows the connection as Not Secure.
That can be confusing.
So, how can you check if your site has an SSL certificate? Also, if it does have an SSL, why would the browser show the connection as Not Secure?
Not secure
When you go to your website (or any site), you might see a Not Secure warning on the left-hand part of the browser bar.
You might think this has to do with the website not having an SSL certificate.
For example, let’s say our domain name is iqnium.com and that when you type iqnium.com into your browser search bar, there’s a Not Secure sign at the top:
Does this mean there’s no SSL certificate on that site?
Not necessarily.
You’ll need to go to the HTTPS version URL of the website to find out.
HTTPS version URL
When you’re checking for an SSL certificate, you want to always visit the website URL using the https:// version.
For example, if my site URL is iqnium.com, the https:// version URL would be https://iqnium.com
When you type in https://iqnium.com into your browser, you’d see a padlock in place of the previous Not Secure message:
The Padlock means there is an active SSL on the website.
Certificate (valid)
To check for the SSL, click on the Padlock and from the window that opens, click on Certificate (Valid)
Once you click on the Certificate (Valid), you’ll see the SSL certificate info pop up in a new window:
On the main window, you’ll see details about the SSL issuer and expiry date. If you want some more detailed info, you can click Details to get the dropdown.
There are several hosting companies that set up SSL certificates for you automatically on your website for free, our favorites are Skystra and Bluehost.
If you see the Not Secure in the browser for a site even when you’ve checked the SSL certificate is valid and active, it means there are elements (usually images in the WordPress media library, if you’re using WordPress) on the website loading over an insecure connection.
Once the files on your site are switched to HTTPS (for a secure connection), the Padlock from the SSL will pop up in the browser over the HTTPS version URL of your site.