What to do when your SSL Intermediate/Chain certificate has expired

Issue

Sometimes SSL certificates that are issued by Certificate Authorities include intermediate/chain certificate files that reach their expiry date. This is not the same as when a main/server certificate purchased by your organization reaches its predetermined expiry date.

If the SSL certificate in use on your site contains an expired intermediate/chain certificate file, it may result in certain SSL errors to your site. 

Additionally, SSL certificates cannot be installed on our platform if the intermediate/chain contains an expired file and attempting to do so will result in an error message. We have more information about that installation error here: Verifying the validity of an SSL certificate.

Resolution

In order to resolve this, contact your SSL vendor/Certificate Authority and request an updated intermediate/chain certificate to be used along with your existing main/server certificate. 

Once you have the updated intermediate/chain certificate file, re-install your existing main/server certificate with its associated private key with the new intermediate/certificate file for your respective environments within the Acquia Cloud Platform UI.

We have instructions on how to install SSL certificates here.