SSL certificates are a must on any website that conducts sensitive data transactions. There are several ways you can use SSL certificates and they are not all the same thing. Primarily, the differences are how the certificate is trusted (who issued it), what degree of gaurantee the certificate issuer provides and what method of verification it uses to prove it was issued by an authority known by the browser distributor. If you use a web browser that is up to date, you will benefit from more trusted issuers in the browser's known list. However, this is simply a list of issuers that are trusted by that browser, not an indication that the content of the site or the site's server are secure.

Some certificates use an intermediate certification process. There is an added level of authority checked beyond the issuer's ID, the key and the certificate for the SSL enabled domain.

In this example, the intermediate certificate is not included, but the certificate key and certificate itself are valid.

By adding the intermediate (provided by your SSL issuer), you can eliminate this error on most modern browsers.

Notice that there are three lines in this config. The SSLCertificateFile, SSLCertificateKeyFile and the SSLCertificateChainFile. Without the SSLCertificateChainFile some browsers will complain.

The end user can always choose to simply add an exception. Browser distributors are making this increasingly annoying and require the user to click through warning screens that suggest this is an illegitimate solution or dangerous.

After clicking on "Add Exception" the user will be required to download the certificate and add the exception rule.

Once added, the user should be able to visit the site using SSL without further molestation.