My certificate works in my browser, but my visitors get a Security Alert that says ‘The security certificate was issued by a company you have not chosen to trust…’ What is the problem?

The issue is that your visitors’ browsers are unable to properly identify who issued your certificate. First, confirm that your visitors are not seeing an incorrect or outdated certificate. Once you have made sure that your visitors are seeing the correct certificate, the issue is most likely solved by installing the intermediate certificates. Below are the links that you can use to download your intermediate certificate from the vendor website: https://knowledge.digicert.com/generalinformation/INFO4331.html https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1421 https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1384 https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548 https://support.comodo.com/index.php?/Default/Knowledgebase/List/Index/108/sha-2

What is a private key used for?

The private key is used on the server-side exchange for creating the secure connection. It should never be exposed to your SSL provider or outside users, unless specifically requested by your web host for installation. Please note if the private key is lost or deleted, you will have to make a new CSR and private key on your server. Your private key is not provided by the Certificate Authority (CA) or your SSL provider.