Certificates are proof of identify. When you see the SSL padlock in the browser's address bar or at the bottom of the browser it means that a secure connection between your browser and the website has been established. However, for this connection to be with the real website, the certificate must be valid.
This warning appears when the website is using an invalid SSL certificate. The most common reasons are an outdated certificate and a certificate from an unknown signer.
The warning presents the following information:
Reason for error: why Rapport triggered this error. The options are:
- Addresses do not match: the address you tried to access and the address on the certificate do not match. The addresses should match for the certificate to be valid. Review the two addresses. If the address on the certificate seems suspicious or unrelated to the website you are trying to access choose to block access.
- Unknown certificate signer: the authority which signed the certificate is unknown to Trusteer. Unknown authorities should not be trusted to produce valid certificates. Banks and financial institutions will always use certificates from known signers.
- Certificate out of date: the certificate has expired and is no longer valid. A website that uses outdated certificate has low security standards. Banks and financial institutions will never use expired certificate. Check your computer clock to make sure the date is correct. If the date on your computer is ahead of time this message might popup.
- Bad certificate: the certificate's format is incorrect.
Address on the certificate: each certificate is issued for a specific web address. A website should present a certificate listing its own address. This field shows the address that is on the certificate presented by this website.
Address in the request: the web address to which your browser is directed. This is the address to which you tried to access.
Certificate expiration date: each certificate is limited in time. A website that uses outdated certificate has low security standards
Signer: the authority which issued this certificate. Certificates from unknown authorities should not be trusted.
* If this is an internal (intranet) website:
1. Select the Do not warn me about this website again checkbox, only if you want to prevent Rapport from alerting you about this website in the future.
2. Click Allow Access.
If this is a financial website or an online shop (i.e. where you submit your credit card number), it is recommended to:
1. Click Block Access.
2. Contact the website's support.
If this website is insensitive, you can:
1. Click Allow Access, but proceed with caution and do not submit sensitive information to this website.