Your site is initially deployed using a self-signed SSL server certificate. This will produce warnings with most browsers such as "Your connection is not private" or "This connection is untrusted." In the particular case of new Drupal Cloud sites, you can safely accept the untrusted certificate and proceed with editing the site.
IS&T requests InCommon signed certificates for new Drupal Cloud sites on a weekly basis, so new sites should automatically get signed certificates within that time frame. As of Spring 2018, some older sites (mostly ones that were requested but weren't populated with user content) are still without certificates, and we're processing the backlog as time allows.
If your site hasn't been given an InCommon certificate within an acceptable timeframe, please let us know at firstname.lastname@example.org; please be specific about your deployment plans.