Is there a way to prevent visitors from receiving the "The site's security certificate is not trusted!" warning


  • Question

Hi all,

From both Chrome and IE, anyone going to my site,, gets a warning that

"You attempted to reach, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications."

Anyone know a work around?


Your site is initially deployed using a self-signed server certificate. Some browsers will display a warning about this. In this particular case, you can safely tell your browser to trust this certificate. Only people who visit your site over HTTPS will see this warning. The only people who need to do this will be those who log in to your site, such as yourself and other content editors.

IS&T updates sites periodically to replace self-signed certificates with InCommon certificates. InCommon certificates are available free of charge, but since they require some staff time to request and install, we periodically request them for sites which appear to have production-ready names, and which appear to have been configured.

If your site is nearing official deployment, and you would like an InCommon certificate for it, please let us know at; please allow turn-around time of two days to a week on this.


By default a site will try to use https for forms. If you uncheck the box "Redirect form pages to secure URL" under Home-Administration-Configuration-People.
that seems to fix the security certificate problem.
This may not be advisable depending on what your forms are doing (e.g. asking for usernames or other sensitive information." Somebody with more experience can comment on this as a fix.