How to fix ssl error on Webflow

Steps for Webflow

1. Webflow automatically provisions SSL certificates for published sites on webflow.io subdomains and for custom domains added through the Webflow dashboard.
2. Go to: Webflow Designer → Site Settings (gear icon) → Publishing → Custom Domains.
3. Add or re-verify your custom domain. Webflow will display the required DNS records (A record and CNAME) — ensure these are set at your domain registrar.
4. Click 'Publish' after DNS records are confirmed; Webflow will provision an SSL certificate automatically.
5. If the certificate shows a mismatch, remove the custom domain from Webflow, confirm DNS has fully propagated (use a DNS checker), then re-add the domain.
6. Webflow does not support uploading custom SSL certificates — certificates are fully managed by the platform.

What is ssl error?

Every HTTPS website uses an SSL/TLS certificate to prove its identity to browsers and to encrypt the connection. The certificate must explicitly list the domain name (or names) it is allowed to protect. A "hostname mismatch" error means the certificate installed on your server was issued for a different domain than the one visitors are actually trying to reach — for example, the certificate covers "www.yourstore.com" but not "yourstore.com" (or vice versa), or it was issued for a completely different domain altogether. Browsers and security scanners treat this as a critical failure and refuse to establish a trusted connection.

When a hostname mismatch exists, most modern browsers display a full-page "Your connection is not private" warning before visitors can even see your store. This kills conversions — the majority of shoppers will leave immediately rather than click through a security warning. Google also uses HTTPS as a ranking signal and can demote or omit pages it cannot crawl securely. Beyond lost sales and rankings, transmitting payment and personal data over an untrusted connection is a serious security risk and may violate PCI DSS compliance requirements for accepting card payments. This maps directly to OWASP A02:2021 — Cryptographic Failures.

See the complete Ssl error guide for every platform and the full background.