External Link Has HTTPS Certificate Problem
A link to an HTTPS URL with an expired, self-signed, or untrusted certificate will throw a security warning in users' browsers, hurting trust and click-through.
Why it matters
A link to an HTTPS URL with an expired, self-signed, or untrusted certificate will throw a security warning in users' browsers, hurting trust and click-through.
Schedule a fix in your next sprint. Warnings won't block your site but they consistently leave performance on the table. Estimated SEO impact: high — direct effect on rankings or impressions.
How to fix
- Switch the link to http if the destination has not yet renewed its cert (rare; verify first)
- Use a different source for the same information
- Remove the link until the destination cert is fixed
Common causes
If the rule is firing across many pages, the root cause is almost always one of these:
target="_blank"applied broadly without the matchingrel="noopener".- Affiliate or partner snippets pasted in raw without sanitisation.
- Old "open in new tab" UX pattern from before tabnabbing was a known threat.
Anti-patterns to avoid
Even with the best intentions, these "fixes" make the issue worse — recognise them so you don't ship them:
- Bare
target="_blank"withoutrel="noopener". - Linking to known low-trust or spammy sites for SEO juice trades.
- Sending users off-site mid-conversion without warning.
How atlookup detects this
Our crawler renders each page with a real headless browser, then checks the safety attributes (target, rel) and trust signals on every outbound link. Pages where the rule fires for external link has https certificate problem are flagged on the report.
If you'd like to see this rule fire on your own site, run a free 60-second audit — every page is reported with the exact lines that triggered it.
Tools to verify the fix
Once you've applied the fix, double-check with these external validators:
- Lighthouse — Best-Practices audit catches unsafe target=_blank.
- axe DevTools — Reviews link semantics and accessibility.
Frequently asked questions
Why does External Link Has HTTPS Certificate Problem matter for SEO?
A link to an HTTPS URL with an expired, self-signed, or untrusted certificate will throw a security warning in users' browsers, hurting trust and click-through.
How do I fix external link has https certificate problem?
Switch the link to http if the destination has not yet renewed its cert (rare; verify first) Use a different source for the same information Remove the link until the destination cert is fixed
Is this a critical SEO issue?
Schedule a fix in your next sprint. Warnings won't block your site but they consistently leave performance on the table. Estimated SEO impact: high — direct effect on rankings or impressions.
How does atlookup detect external link has https certificate problem?
Our crawler renders each page with a real headless browser, then checks the safety attributes (target, rel) and trust signals on every outbound link. Pages where the rule fires for external link has https certificate problem are flagged on the report.
How long does it take to fix?
5–15 minutes per page. Most teams batch similar issues across templates so the per-page time goes down at scale.
Related issues
EXTERNAL_LINK_BROKEN
Broken External Link
Links pointing to dead pages (4xx/5xx) send visitors to errors and signal a poorly maintained site to search engines.
EXTERNAL_LINK_REDIRECT_LOOP
External Link Redirects in a Loop
A circular redirect chain means the destination page is unreachable — browsers will eventually stop and show an error.
EXTERNAL_LINK_TIMEOUT
External Link Times Out
A link that consistently times out is effectively broken for users.
EXTERNAL_LINK_TOO_MANY_REDIRECTS
External Link Has Too Many Redirects
Long redirect chains add latency, increase the chance of any single hop breaking the trail, and can leak referrer information across more hosts than intended.