If you get the following error while installing the widget:

Connection error. API Imbachat.com could not connect to your site, please check your server settings ,

then this article is for you.

The error occurs due to an incorrectly configured server or due to issues with the issuance of the SSL security certificate and .htaccess.

You need to make sure that your site works without any errors, and then such an error will not appear.

Common Mistakes Related to Issuing and Installing SSL Certificates

You have chosen a wrong certification authority

There are numerous certification authorities present on the market nowadays, each of them is providing SSL certificates issuing services. However, not all the certification centers have a trusted reputation and boast broad support from manufacturers of popular desktop browsers and mobile devices. When choosing a certifying authority, pay additional attention on the availability of the type of SSL certificates that you require. It is due to a fact that there are certain certification authorities which are limited to release of only OV and EV SSL certificates. Some CAs are limited to only domain-verified certificates (DV).

Choosing a trusted and reputable CA guarantee that SSL certificates from this CA will always be accepted by all devices and browsers. You will not encounter issues such as users of SSL certificates from WoSign and StartCom certification authorities were facing.

You have decided to use self-signed certificates for commercial sites

Self-signed SSL certificates are free, so they are attractive and often chosen by website owners. However, please note that for commercial site purposes such certificates will not work. Whenever a visitor comes to the site, he will see a warning notification. As a result, there will be a significant loss of traffic, because visitors will refrain from using such a resource - the level of trust to it will be very low. A commercial resource must be protected by a trusted SSL certificate.

You’ve made a mistake when creating a CSR request

In order for SSL certificate to be generated, certification authority must receive properly created CSR request i.e. containing no errors. It is vital to carefully check each field while creating your CSR request. All input data must be correct and meeting the requirements for the CSR representation. It is strongly advised to always double check that all the data is provided correctly before submitting your CSR. It will save you a lot of time and effort comparing to reissue the certificate because of problems with any field in CSR request.

You are not prepared for the verification process

The certification authority always performs verification checks of individuals and / or organization before issuing the SSL certificate. Domain Validation (DV) verification includes verifying that domain for which SSL certificate is requested, belongs to the person who is requesting the certificate. In order to pass through DV verification, use the administrator email associated with the domain (admin / administrator / postmaster / hostmaster / webmaster), or specified in WHOIS. It is a straightforward verification procedure which does not require any specific arrangements.

However, if you would like to obtain an OV (with organization verification) or an EV (with extended verification) SSL certificate, in this case you will need to provide additional information about your company. It is quite common that organizations make mistakes while providing required data, which leads to problems with the validation checks. Information contained in the CSR could be outdated and does not reflect the current state of affairs in the company. In some circumstances company may have no publicly available phone number. It is vital to provide all required information before applying for SSL certificate - otherwise there may be delays with the issuance of the SSL certificate or it will not be issued at all.

You lost your private key

During the process of generating a CSR-request, a unique file is created on your computer, which is called the Private Key. This key allows you to read encrypted messages that are sent to your server from the visitor's browser. If you accidentally share a private key with anyone (for example, with fraudsters), then your site will no longer be protected. If you lose a private key, you will not be able to install the SSL certificate on the site - you will need to re-issue the SSL certificate. Protect your private key - be caution and store it only in secure places!

You decided to install the SSL certificate on your own, ignoring the instructions

If you are not an IT expert, it is strongly advised to refrain from trying to install an SSL certificate by yourself. It is most likely, that you will fail and will need to seek for services of paid specialists, which will take a lot of time and cause additional expenses.

Simply follow the installation guides. Many of them provide step-by-step advices on installation of SSL certificates. You will become familiar with all required actions: what commands to enter, how to configure the server, where to begin installing the SSL certificate, etc.

You forgot to test accuracy of SSL certificate installation

The final step of any process is defining whether everything was done correctly. Make sure that you visit your site after installing SSL to ascertain that the certificate was installed correctly. It would help to avoid undesirable scenario where you believe that everything works as expected, but in fact users are encountering errors when visiting your resource.

You forgot about the certificate expiry date

SSL certificates need to be renewed. Their lifetime is limited to 1-3 years (since 2018 three-year certificates will no longer be issued). Users often forget about the certificates expiration date, which adversely affects the business as a whole - your website displays an error message to visitors stating that the certificate has expired.