Ssl error

Moderate effort

Replace or reissue your SSL/TLS certificate so it is valid for the exact domain name your store uses, eliminating the hostname mismatch error.

What it is

Every HTTPS website uses an SSL/TLS certificate to prove its identity to browsers and to encrypt the connection. The certificate must explicitly list the domain name (or names) it is allowed to protect. A "hostname mismatch" error means the certificate installed on your server was issued for a different domain than the one visitors are actually trying to reach — for example, the certificate covers "www.yourstore.com" but not "yourstore.com" (or vice versa), or it was issued for a completely different domain altogether. Browsers and security scanners treat this as a critical failure and refuse to establish a trusted connection.

Why it matters

When a hostname mismatch exists, most modern browsers display a full-page "Your connection is not private" warning before visitors can even see your store. This kills conversions — the majority of shoppers will leave immediately rather than click through a security warning. Google also uses HTTPS as a ranking signal and can demote or omit pages it cannot crawl securely. Beyond lost sales and rankings, transmitting payment and personal data over an untrusted connection is a serious security risk and may violate PCI DSS compliance requirements for accepting card payments. This maps directly to OWASP A02:2021 — Cryptographic Failures.

How to fix it

Identify the exact domain(s) visitors use to reach your store — both the www and non-www versions (e.g. yourstore.com AND www.yourstore.com), plus any custom subdomains.
Log in to where your SSL certificate is managed — this is usually your hosting provider, your domain registrar, or your ecommerce platform's dashboard.
Check the current certificate's 'Common Name' (CN) and 'Subject Alternative Names' (SANs) fields to confirm which domains it covers; compare these against the domains from step 1.
Request a new or replacement certificate that lists ALL required hostnames as SANs. If you use a free provider such as Let's Encrypt, the certificate provisioning tool (e.g. Certbot) can do this automatically. If you purchased a certificate, re-issue it from your Certificate Authority with the corrected domain list.
Install the new certificate on your server or upload it via your platform's SSL settings and confirm the old certificate is replaced.
Verify the fix using a public SSL checker tool (e.g. SSL Labs) — confirm the certificate is valid, covers all required hostnames, and the chain is complete with no errors.

Fix it on your platform

Pick your platform for the exact steps.

How to fix ssl error on Shopify

Shopify provisions and renews SSL certificates automatically for all stores on the myshopify.com subdomain and for custom domains added correctly through Shopify.
Go to: Shopify Admin → Settings → Domains.
If your custom domain shows a warning or 'SSL unavailable', click the domain name and then click 'Re-verify connection' or remove and re-add the domain.
Ensure your DNS A record points to Shopify's IP (23.227.38.65) and your CNAME for www points to shops.myshopify.com — a misconfigured DNS record is the most common cause of certificate mismatch on Shopify.
Allow up to 48 hours after correcting DNS for Shopify to automatically re-provision a valid certificate. If it persists beyond 48 hours, contact Shopify Support.

Full Shopify guide →Official Shopify docs ↗

How to fix ssl error on Shopify Plus

The process is identical to standard Shopify — SSL is managed automatically by the platform.
Go to: Shopify Admin → Settings → Domains and verify DNS records match Shopify's required values.
For expansion stores or custom checkout domains, ensure each domain/subdomain is added individually under Settings → Domains and has correct DNS pointing to Shopify.
Shopify Plus merchants with a dedicated Merchant Success Manager can escalate SSL provisioning issues directly to that contact.

Full Shopify Plus guide →Official Shopify Plus docs ↗

How to fix ssl error on WooCommerce

WooCommerce runs on WordPress (self-hosted), so SSL is managed at the hosting layer, not inside WordPress itself.
Log in to your hosting control panel (cPanel, Plesk, Kinsta, WP Engine dashboard, etc.).
Navigate to the SSL/TLS section (cPanel: Security → SSL/TLS or 'Let's Encrypt SSL').
Issue or re-issue a certificate that covers BOTH yourstore.com AND www.yourstore.com as SANs — most hosts offer a free Let's Encrypt certificate covering both with one click.
After installing the new certificate, go to WordPress Admin → Settings → General and ensure both 'WordPress Address' and 'Site Address' start with https://.
Install the 'Really Simple SSL' plugin if you need help forcing HTTPS site-wide and verifying the certificate is being served correctly.

Full WooCommerce guide →Official WooCommerce docs ↗

How to fix ssl error on BigCommerce

BigCommerce automatically provisions SSL for your store's default domain (*.mybigcommerce.com) and for custom domains connected through their system.
Go to: BigCommerce Admin → Store Setup → Domain.
If your custom domain has an SSL issue, verify that your DNS CNAME record points to your BigCommerce store URL (shown in the Domain settings page).
Remove the custom domain and re-add it to trigger a fresh certificate provisioning if the mismatch persists.
For multi-storefront setups, each domain must be added separately and have its own DNS record pointing to BigCommerce.
Contact BigCommerce Support if automatic provisioning fails after DNS is confirmed correct.

Full BigCommerce guide →Official BigCommerce docs ↗

How to fix ssl error on Wix

Wix provisions and manages SSL certificates automatically for all sites, including custom domains connected through Wix.
Go to: Wix Dashboard → Settings → Custom Domains.
Verify your domain is connected and the status shows a green checkmark. If not, click the domain and follow the 'Fix It' prompt.
Ensure your domain's DNS A record and CNAME record match the values Wix provides in the domain connection wizard (found under Settings → Custom Domains → Manage DNS).
Once DNS is correctly pointed to Wix, SSL is provisioned automatically — allow up to 24 hours.
Wix does not allow you to upload a custom SSL certificate on standard plans; the platform manages certificates entirely.

Full Wix guide →Official Wix docs ↗

How to fix ssl error on Squarespace

Squarespace automatically provisions free SSL certificates (via Let's Encrypt) for all sites, including custom domains.
Go to: Squarespace Admin → Settings → Domains (or Website → Pages → Website Tools on older navigation).
Click your custom domain and confirm it is 'Active' with SSL enabled.
If SSL shows as unavailable, the most common cause is incorrect DNS — ensure your domain's CNAME record points to ext-cust.squarespace.com (for subdomains/www) and/or the A record is pointed to Squarespace's correct IP.
Toggle 'HTTPS Encryption' on under Settings → Advanced → SSL if it appears disabled.
Allow up to 72 hours after DNS correction for the certificate to be issued. Contact Squarespace Support if the issue persists.

Full Squarespace guide →Official Squarespace docs ↗

How to fix ssl error on Webflow

Webflow automatically provisions SSL certificates for published sites on webflow.io subdomains and for custom domains added through the Webflow dashboard.
Go to: Webflow Designer → Site Settings (gear icon) → Publishing → Custom Domains.
Add or re-verify your custom domain. Webflow will display the required DNS records (A record and CNAME) — ensure these are set at your domain registrar.
Click 'Publish' after DNS records are confirmed; Webflow will provision an SSL certificate automatically.
If the certificate shows a mismatch, remove the custom domain from Webflow, confirm DNS has fully propagated (use a DNS checker), then re-add the domain.
Webflow does not support uploading custom SSL certificates — certificates are fully managed by the platform.

Full Webflow guide →Official Webflow docs ↗

How to fix ssl error on Adobe Commerce (Magento)

Adobe Commerce (self-hosted or cloud) requires you or your hosting/DevOps team to manage SSL certificates at the server or load balancer level.
For Adobe Commerce Cloud: log in to the Cloud Console (cloud.magento.com), select your project and environment, go to Settings → Variables or contact Adobe Support to upload a new SSL certificate via the CLI: `magento-cloud domain:update yourstore.com --cert=cert.pem --key=key.pem --chain=chain.pem`.
For self-hosted Magento: access your server and use your CA (e.g. Let's Encrypt / Certbot) to issue a new certificate: `sudo certbot --apache -d yourstore.com -d www.yourstore.com` or the nginx equivalent.
Ensure the certificate SANs cover all domain variants your store uses (bare domain, www, and any subdomains).
In Magento Admin → Stores → Configuration → Web → Base URLs (Secure), confirm the base URL starts with https:// and matches the exact domain on the certificate.
Flush Magento's cache (Admin → System → Cache Management → Flush Cache) after any URL or SSL changes.

Full Adobe Commerce (Magento) guide →Official Adobe Commerce (Magento) docs ↗

How to fix ssl error on Magento Open Source

SSL management is identical to Adobe Commerce self-hosted — handled at the server/hosting level, not inside the Magento admin panel.
Use your hosting control panel (cPanel/Plesk) or Let's Encrypt/Certbot on the command line to issue a certificate that covers all domain variants.
Run: `sudo certbot --nginx -d yourstore.com -d www.yourstore.com` (adjust for Apache if needed).
In Magento Admin → Stores → Configuration → Web, update Secure Base URL to use https:// with the correct domain.
Flush Magento cache after changes.

Full Magento Open Source guide →Official Magento Open Source docs ↗

How to fix ssl error on PrestaShop

SSL is managed at the hosting layer for self-hosted PrestaShop installations.
Log in to your hosting control panel and issue or re-issue an SSL certificate (Let's Encrypt recommended) covering yourstore.com and www.yourstore.com.
In PrestaShop Admin → Shop Parameters → General, enable 'SSL' and 'Force SSL on all pages'.
Ensure 'Shop domain' and 'SSL domain' fields (Admin → Configure → Shop Parameters → General → Set Shop URL) exactly match the domain on the certificate.
Clear PrestaShop cache: Admin → Advanced Parameters → Performance → Clear cache.

Full PrestaShop guide →Official PrestaShop docs ↗

How to fix ssl error on BigCommerce for WP

SSL is managed at the WordPress/hosting layer for the frontend and at BigCommerce for the cart/checkout backend.
Follow the WooCommerce/WordPress steps to fix SSL on the WordPress frontend (hosting control panel → renew/reissue certificate).
The BigCommerce-hosted checkout uses BigCommerce's automatically managed SSL — no action needed there unless the custom domain connected to BigCommerce has a DNS issue (see BigCommerce steps above).

Full BigCommerce for WP guide →Official BigCommerce for WP docs ↗

Does your site have this issue?

Run a free SEOLZ audit to find ssl error — and every other issue — across your whole site in minutes.

Scan my site free

Frequently asked questions

What is Ssl error?

Why does ssl error matter?

How do I fix ssl error?