Ошибка your connection is not private

Важно убедиться, что веб-сайты, которые вы просматриваете, безопасны. Есть несколько способов проверить это. Один из них – проверить в браузере в адресной строке наличие символа с замком. Но также в браузере может показываться сообщение «Ваше подключение не защищено». Если вы игнорируете сообщения с подобной ошибкой, то вы подвергаете риску свою онлайн-информацию.

Чтобы помочь вам оставаться в безопасности в Интернете, мы объясним причины, по которым на вашем экране может появиться ошибка “Ваше подключение не защищено”, и как ее исправить.

Что означает ошибка «Ваше подключение не защищено»?

Сообщение с ошибкой «Ваше подключение не защищено» обозначает, что соединение не является безопасным. Это означает, что если вы не используете антивирус или шифрование, ваше устройство может стать «золотой жилой» для хакеров.

Чтобы получить доступ к веб-сайту, ваш браузер должен выполнить проверку цифровых сертификатов, установленных на сервере, чтобы убедиться, что сайт соответствует стандартам конфиденциальности и безопасен для дальнейшего использования. Если Ваш браузер обнаружит что-то неладное с сертификатом, он попытается предотвратить ваш доступ к этому сайту. Именно в этот момент вы увидите сообщение “Ваше подключение не защищено».

Эти сертификаты также называются сертификатами инфраструктуры открытых ключей или удостоверениями личности. Они предоставляют доказательства того, что открываемый сайт действительно является тем сайтом, за который он себя выдает. Цифровые сертификаты помогают защитить вашу личную информацию, пароли и платежную информацию.

Когда ваше соединение не защищено, то обычно это происходит из-за ошибки в сертификате SSL.

Что такое ошибка SSL-соединения?

Сертификат Secure Sockets Layer (SSL) предназначен для обслуживания веб-сайтов через защищенные соединения HTTPS. HTTPS – это барьер безопасности, используемый для безопасной авторизации соединений и защиты данных. Ошибка SSL-соединения возникает тогда, когда у вашего браузера нет безопасного способа для открытия запрашиваемого сайта. Когда браузер увидит, что соединение не является безопасным, он попытается остановить вас от доступа к этому веб-сайту.

Существует несколько различных причин возникновения ошибки SSL-соединения:

• Сертификат отсутствует или срок его действия истек
• Ваш браузер не обновлен
• Ваш антивирус или настройки даты и времени отключены
• Ошибка сервера

Если сообщение вызвано ошибкой на сервере, то вам придется подождать, пока владелец этого сервера не исправит данную ошибку.

Как ошибка «Ваше подключение не защищено» выглядит в разных браузерах

Когда вы получите подобное сообщение об ошибке, оно приведет вас на новую страницу. Некоторые браузеры используют простые сообщения, в то время как другие используют коды и предупреждающие знаки.

Google Chrome

Когда вы получите данное сообщение об ошибке в Google Chrome, оно приведет вас на страницу под названием Ошибка конфиденциальности. На ней браузер покажет большой красный восклицательный знак и сообщение «Ваше подключение не защищено». Он предупредит вас, что злоумышленники могут попытаться украсть ваши пароли, сообщения или кредитные карты. Сообщение даст вам возможность вернуться на предыдущую страницу, перейти к дополнительным настройкам или попытаться продолжить работу на сайте.

Кроме того, страница будет иметь код ошибки. Вот некоторые из наиболее распространенных:

• NET::ERR_CERT_COMMON_NAME_INVALID
• NET::ERR_CERT_AUTHORITY_INVALID NTE::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
• NET::ERR_CERT_DATE_INVALID
• NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
• ERR_CERT_SYMANTEC_LEGACY
• SSL certificate error
• ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

Mozilla Firefox

В Mozilla Firefox данное сообщение выглядит аналогично, но звучит несколько иначе: «Ваше подключение не безопасно». В нем сообщается, что владелец сайта неправильно его настроил. Также у вас есть возможность вернуться назад или перейти к дополнительным настройкам.

Наиболее распространенные коды ошибок, которые вы можете увидеть в Firefox:

• SEC_ERROR_EXPIRED_CERTIFICATE
• SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE 
• SEC_ERROR_UNKNOWN_ISSUER.
• SEC_ERROR_OCSP_INVALID_SIGNING_CERT 
• MOZILLA_PKIX_ERROR_MITM_DETECTED
• MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
• SSL_ERROR_BAD_CERT_DOMAIN
• ERROR_SELF_SIGNED_CERT

Safari

Если вы – пользователь браузера Safari, то вы получите сообщение на новой странице с фразой о том, что данное соединение не является защищенным, и что открываемый веб-сайт может выдавать себя за тот сайт, к которому вы хотели бы получить доступ, чтобы украсть вашу личную или финансовую информацию.

Microsoft Edge

Если вы используете Microsoft Edge, то вы увидите сообщение, которое выглядит почти идентично сообщению Google Chrome с восклицательным знаком и сообщением “Ваше подключение не защищено». Если сертификат не соответствует домену, к которому вы пытаетесь подключиться, то вы увидите тот же код.

Наиболее распространенные коды ошибок, которые вы можете увидеть в Microsoft Edge:

• NET::ERR_CERT_COMMON_NAME_INVALID 
• DLG_FLAGS_INVALID_CA 
• DLG_FLAGS_SEC_CERT_CN_INVALID
• Error Code: 0

Как исправить ошибку «Ваше подключение не защищено»

Существует несколько различных способов исправить или обойти это сообщение об ошибке.

1. Перезагрузите страницу

Конечно, это кажется самым простым решением, но иногда перезагрузка страницы позволяет устранить сбои, связанные с тайм-аутом браузера, Интернет-соединения и т.д. Попробуйте заново набрать адрес сайта в адресной строке браузера (возможно, ранее была опечатка).

2. Попробуйте режим инкогнито

Следующее, что вы можете попробовать, это включить режим инкогнито и попытаться получить доступ к тому же веб-сайту. Если веб-сайт действительно имеет проблемы с безопасностью, то он не должен работать, как только вы переключитесь в режим инкогнито, потому что этот режим позволяет просматривать сайт без сохранения истории или кэша. Если браузер по-прежнему говорит «Ваше подключение не защищено», то вы должны попробовать очистить свой кэш.

Чтобы в браузере Chrome открыть вкладку в режиме инкогнито, в правом верхнем углу нажмите на кнопку с тремя точками, после чего в выпадающем меню выберите пункт «Новое окно в режиме инкогнито» (того же самого можно добиться нажатием клавиш Ctrl + Shift+N).

3. Проверьте дату и время

Дважды проверьте правильность даты и времени на вашем компьютере. Если они не совпадают с браузером, может возникнуть ошибка SSL-соединения.

Как проверить дату и время на Mac

1.       Перейдите в меню Apple в верхнем левом углу экрана

2.       Нажмите на System Preferences

3.       Здесь выберите Date & Time

4.       Проверьте, что дата и время указаны верно

Как проверить дату и время в Windows

1.       Правой кнопкой мыши нажмите на дате и времени в панели задач (как правило, в правом нижнем углу экрана)

2.       В выпадающем меню выберите «Настройка даты и времени»

3.       Проверьте, что дата и время указаны верно

4. Очистите кеш и куки в вашем браузере

Во время просмотра веб-страниц ваш компьютер хранит файлы «куки» (cookie), которые собирают данные и занимают много места на жестком диске. Когда ваш компьютер пытается обработать всю эту информацию, он может начать работать медленнее.

Попробуйте зайти в настройки и очистить кеш и куки в вашем браузере. Удаление всей этой информации ускорит ваши соединения.

5. Обратите внимание, какой используется Wi-Fi

Вы можете получить данное сообщение с ошибкой при использовании публичного Wi-Fi, который не является безопасным. Некоторые публичные  Wi-Fi имеют плохую конфигурацию и не работают по протоколу HTTPS. Если вы не уверены в безопасности вашего соединения, найдите другую сеть Wi-Fi или подождите, пока вы не сможете безопасно просматривать сайты у себя дома.

Лучший способ защитить ваши данные при соединениях через публичный Wi-Fi, — это использовать виртуальную частную сеть (VPN). VPN помогает скрыть ваш трафик и защитить вашу онлайн-личность во время обмена зашифрованными данными с удаленным сервером.

6. Проверьте ваш антивирус или файервол

Если у вас имеется антивирус, установленный на вашем устройстве с Mac или Windows, вы также можете получать сообщение об ошибке, поскольку антивирус или файервол переопределяет вашу сеть. Проверьте наличие этой проблемы, временно отключив функцию сканирования SSL.

7. Действуйте осторожно

Если вы все еще видите сообщение «Ваше подключение не защищено», но при этом вам необходимо обязательно открыть требуемый сайт, то делайте это с максимальной осторожностью. Ваш браузер показывает вам это сообщение и советует не продолжать по уважительной причине.

Решив продолжить, Вы можете подвергнуть свою личную информацию и платежную информацию риску быть скомпрометированными. Время и деньги, связанные с этим риском, не стоят того.

Если вы выполните наши рекомендации, то сможете исправить или обойти сообщение об ошибке «Ваше подключение не защищено». Помните, что вы получаете это сообщение в результате того, что веб-сайт, к которому вы пытаетесь получить доступ, не считается безопасным. Если вам не удастся устранить проблему, то игнорируя ее, вы, конечно, сможете открыть требуемый сайт и найти то, что вы ищете, но при этом вы также будете рисковать вашей персональной информацией. Существует программное обеспечение, такое как антивирус Panda Dome, которое вы можете использовать для защиты своей цифровой жизни. Ваша онлайн-информация имеет большую ценность, поэтому будьте разумны при поиске в Интернете, чтобы ваша информация не оказалась в чужих руках.

Kinsta works with thousands of different sites on a daily basis, so when it comes to different types of errors, we’ve pretty much seen it all. From database connection errors to the white screen of death, ERR_CACHE_MISS, and browser/TLS related issues.

Some of these for the everyday user can be downright frustrating and even scary at times. Depending on the type of error it could also mean downtime for your website, which means you’re losing money. Or it might just be that the browser on your computer needs fixing.

Check Out Our Video Guide to Fixing the “Your Connection is Not Private” Error

Today we’re going to dive into the “your connection is not private” error and walk you through some ways to get things working again. Read more below about what causes this error and what you can do to prevent it in the future.

What Is the “Your Connection is Not Private” Error?

The “your connection is not private” error only pertains to sites that are running over HTTPS (or should be running over HTTPS). When you visit a website, your browser sends a request to the server where the site is hosted. The browser then has to validate the certificate installed on the site to ensure it is up to current privacy standards. Other things that also take place include the TLS handshake, the certificate being checked against the certificate authority, and decryption of the certificate.

If the browser finds that the certificate isn’t valid, it will automatically try to prevent you from reaching the site. This feature is built into web browsers to protect the user. If the certificate isn’t set up correctly, this means data can’t be encrypted properly and therefore the site is unsafe to visit (especially those with logins or that process payment information). Instead of loading the site, it will deliver an error message, such as “your connection is not private.”

Why Is the “Your Connection Is Not Private” Error Appearing?

The main reason you may be seeing the “your connection is not private” error is that your browser is failing to verify a Secure Sockets Layer (SSL) certificate, which is necessary for security reasons.

An SSL certificate makes it possible to open an encrypted connection, because it is a text file installed on a web server that carries information such as the domain name that the certificate was issued for and which person, organization, or device owns the domain.

Considering all this, the error “your connection is not private” can happen because:

• The site’s SSL certificate is not valid or is missing.
• The SSL certificate was set up incorrectly.
• The server presented an SSL certificate for the wrong website.
• The SSL certificate does not contain variations on the domain name.

“Your Connection Is Not Private” Error Variations

There are quite a few different variations of this error depending upon which web browser you’re using, operating system, and even the configuration of the certificate on the servers. And while some of these errors sometimes mean slightly different things, a lot of times the troubleshooting steps are the same.

Your Connection Is Not Private in Google Chrome

In Google Chrome if there is an issue validating the certificate the error will show as “your connection is not private” (as seen below).

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

This is also accompanied by an error code message which helps to try and pinpoint the exact issue. Below are just some of the most common error codes you might see in Google Chrome:

• ERR_CERT_SYMANTEC_LEGACY
• NET::ERR_CERT_AUTHORITY_INVALID
• NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
• NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
• NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
• NET::ERR_CERT_DATE_INVALID
• ERR_SSL_PROTOCOL_ERROR
• ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Your Connection Is Not Secure in Mozilla Firefox

In Mozilla Firefox the error message varies slightly, and instead of “your connection is not private” you’ll see “your connection is not secure” (as seen below).

The owner of domain.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Just like in Chrome, it’s accompanied by an error code message which helps to try and pinpoint the problem. Below are just a couple of the most common error codes you might see in Mozilla Firefox:

• MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
• SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
• SEC_ERROR_EXPIRED_CERTIFICATE
• SEC_ERROR_UNKNOWN_ISSUER
• MOZILLA_PKIX_ERROR_MITM_DETECTED
• ERROR_SELF_SIGNED_CERT
• SSL_ERROR_BAD_CERT_DOMAIN

Your Connection Isn’t Private in Microsoft Edge

In Microsoft Edge, you will also see the error as “Your connection isn’t private.”

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

These are also accompanied by an error code message. Below are just a couple of the most common error codes:

• NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
• Error Code: 0
• DLG_FLAGS_INVALID_CA
• DLG_FLAGS_SEC_CERT_CN_INVALID

This Connection Is Not Private in Safari

In Safari, you will see the error as “Your connection is not private.”

This website may be impersonating “domain.com” to steal your personal or financial information. You should go back to the previous page.

How To Fix the “Your Connection Is Not Private” Error

Sometimes you might not even know where to begin if you’re seeing a “your connections is not private” error. From our experience, these errors typically originate from two things: the first is a client-side issue (your browser, computer, OS), and the second is that there is an actual problem with the certificate on the website (expired, wrong domain, not trusted by the organization). So we’ll dive into a little of both.

Here are some recommendations and things to check to fix the error (sorted in order by most common reasons we see):

1. Try Reloading the Page

This might seem a little obvious to some, but one of the easiest and first things you should try when encountering a “your connection is not private” error is to simply close and re-open your browser and try loading the page again. It could be that the website owner is currently reissuing their SSL certificate or something was out of whack in your browser.

2. Manually Proceed (Unsafe)

Your second option is to simply manually proceed. However, we don’t ever recommend doing this unless you fully understand that nothing will be encrypted if you proceed. If you’re going to be entering in login credentials or entering payment details, by all means, skip to the next steps below.

We only include this option so we can explain the full ramifications of doing this. Seeing this error could very well mean that someone’s trying to fool you or steal any info you send to the server and you should typically close the site immediately. It is also possible that the website has been compromised and there is a malicious redirection. If you’re in a public place, never try to bypass this screen.

If you still want to proceed, there is usually a “Proceed to domain.com” link you can click at the bottom of the error screen. Depending on the browser this is sometimes hidden under the “Advanced” option. Note: If the website is using HSTS (HTTP Strict Transport Security) this option won’t be available as it means they have implemented an HTTP header which never allows non-HTTPS connections.

3. Are You in a Cafe or Airport?

This might sound odd, but cafes ☕ and airport Wi-Fi networks tend to be one of the most popular places that users see the “your connection is not private” error. Why? Because a lot of them are still not running everything over HTTPS, or if they are, it isn’t configured correctly. This usually pertains to the portal screen where you need to accept the terms and agreement to sign in. If you’re trying to connect to an HTTPS (secure) site before accepting the portal’s terms this error could pop up. Here are some easy steps to get around it.

1. Connect to the cafe or the airport’s Wi-Fi.
2. Browse to a non-HTTPS site, such as http://www.weather.com.
3. The sign-in page should then open. You can accept the terms and then log in. Due to the fact that the terms are usually just consisting of a checkbox, you shouldn’t be too concerned if it isn’t running over HTTPS. Once connected you can then browse to sites over HTTPS. Tip: If you can’t get the sign-in page to open, you could also try typing 1.1.1.1 into your browser (source).

Remember, whenever you’re using public Wi-Fi a VPN can help protect you even further by hiding your traffic. Here are a couple popular ones you might want to check out:

• Private Internet Access
• TunnelBear
• NordVPN

4. Check Your Computer’s Clock

Another very common reason that you might see the “your connection is not private” error is that your computer’s clock is messed up. Browsers rely on these to be correctly synced up to verify the SSL certificate. This can easily happen if you just purchased a new computer, especially laptops on Wi-Fi for the first time. They don’t always sync up automatically after your first login. Below are the steps to update the time on your computer. Note: This can also happen on mobile devices.

Windows

1. Right-click the time in the bottom right-hand task tray.
2. Select “Adjust date/time.”
   
3. Select “Set time automatically” and optionally “Set time zone automatically.” This will update according to one of Microsoft’s NTP servers. Double check the time in the bottom right-hand task tray to make sure it’s correct. If not, you can click on the “Change” button to manually select a time zone.
   
4. Close your browser and re-open it. Then try revisiting the website.

Mac

1. From the Apple menu click on “System Preferences”
2. Click the Date & Time icon. If the padlock appears at the bottom of the window you might need to click it and enter your administrator username and password.
3. Select “Set date & time automatically.” This will update according to one of Apple’s NTP servers.
4. Select the Time Zone tab. If it doesn’t determine your location automatically simply uncheck it so you can manually set it. On the map select your time zone region and city.
5. Close your browser and re-open it. Then revisiting the website.

5. Try in Incognito Mode

Our next recommendation would usually be to clear your browser’s cache. However, that’s easier said than done for a lot of us. 😉 If you want to check if it might be your browser cache, without clearing your cache, you can always open up your browser in incognito mode. Or test another browser and see if you still see the “your connection is not private” error. Don’t rule out Chrome extensions either. But this will help you test that.

In Mozilla Firefox Incognito mode is referred to as “New private window.” In Microsoft Edge, it’s referred to as “New InPrivate Window.”

6. Clear Browser Cache and Cookies

If you think it might be your browser, clearing your browser cache is always a good troubleshooting step before diving into more in-depth troubleshooting. Below are instructions on how to do it in the various browsers:

• How to Force Refresh a Single Page for All Browsers
• How to Clear Browser Cache for Google Chrome
• How to Clear Browser Cache for Mozilla Firefox
• How to Clear Browser Cache for Safari
• How to Clear Browser Cache for Internet Explorer
• How to Clear Browser Cache for Microsoft Edge
• How to Clear Browser Cache for Opera

Check Out Video Guide to Clearing Browser Cache

7. Try Clearing the SSL State on Your Computer

Clearing the SSL state in Chrome is often overlooked but can come in very handy and is easy to try. Just like clearing your browser’s cache this can help if things get out of sync. To clear the SSL state in Chrome on Windows, follow these steps:

1. Click the Google Chrome – Settings icon (Settings) icon, and then click Settings.
2. Click Show advanced settings.
3. Under Network, click Change proxy settings. The Internet Properties dialog box appears.
4. Click the Content tab.
5. Click “Clear SSL state”, and then click OK.
6. Restart Chrome.

If you are on a Mac, see these instructions on how to delete an SSL certificate.

8. Change DNS Servers

The next thing you can try is changing your DNS servers. We’ve actually seen the “your connection is not private” error happen before when using Google’s Public DNS (8.8.8.8 and 8.8.4.4) or Cloudflare’s DNS (1.1.1.1 and 1.0.0.1). Removing this and defaulting back to your ISP’s DNS servers can sometimes fix DNS errors. Google and Cloudflare aren’t perfect 100% of the time and we’ve issues occur now and then.

To do this on Windows, go to your network connection properties and make sure “Obtain DNS server address automatically” is selected. If you’ve added Google’s Public DNS or Cloudflare’s DNS to your router, you might also have to remove it from there.

9. Disable VPN and Antivirus Temporarily

Sometimes VPNs and Antivirus software can conflict or override your network settings, including blocking certain SSL certificates or connections. If you have any running, try temporarily disabling them (closing them) or turning off their “SSL Scan” feature to see if it resolves the “your connection is not private” error in Chrome.

10. Make Sure the Certificate Hasn’t Expired

SSL certificates expiring without the website owner’s knowledge happens all the time. In fact, a lot more than you might think. Even to Fortune 500 companies! We were able to find this tweet below within a matter of a few seconds. No big deal, just Huntington Bank forgetting to renew their SSL certificate. 😨

@Huntington_Bank It seems like the SSL certificate on your site for logging into my account has expired. Google Chrome is giving me a warning every time and does not let me sign in. Please help.

— Jonathon Kay (@jonathonkay29) August 13, 2018

Typically this happens due to the following reasons:

• The website owner doesn’t have auto-renew enabled with the domain registrar or SSL certificate provider.
• Auto-renew is enabled but payment fails because the user has forgotten to update their payment method. Users typically change credits cards more frequently than they access their domain registrar’s dashboard throughout the year.
• The website owner uses a free Let’s Encrypt certificate which expires every 90 days and they don’t have a script in place to renew it, or they forget. At Kinsta, we’ve automated this process so you never have to worry about your free SSL certificates expiring.

This results in an accompanying error code: NET::ERR_CERT_DATE_INVALID.

You can easily check a certificate’s expiration date by opening up Chrome DevTools while you’re on the site. Click on the security tab and click on “View certificate.” The “Valid from” dates will show in the certificate information.

Another quick and easy way to access a site’s SSL certificate information in Chrome is to click on the padlock in the address bar. Then click on “Certificate.”

11. Check Subject Alternative Domain

Each certificate has what they call the Subject Alternative Name. This includes all the domain name variations for which the certificate is issued to and valid for. It’s important to note that https://domain.com and https://www.domain.com are treated as two separate domains (just like a subdomain).

If you’re seeing an accompanying error code such as SSL_ERROR_BAD_CERT_DOMAIN, it could be that a certificate is not registered properly on both variations of the domain. This is less common nowadays as sites usually have HTTPS redirects in place. At Kinsta you can generate your free HTTPS certificate for both www and non-www.

This could also happen if you just changed domain names. For example, perhaps you just acquired that shiny new .com address and moved from your old domain. If you forget to install an SSL certificate on your new domain, then a NET::ERR_CERT_COMMON_NAME_INVALID error will most likely occur.

12. Is the Certificate SHA-1?

SHA-1 is a cryptographic hash algorithm once commonly used by SSL certificates on the web. SHA-1 though has shown signs of weaknesses and therefore is no longer supported in any current browser. If a website is still using a certificate with this old algorithm the “your connection is not private” error will appear.

• Google Chrome removed support for SHA-1 in Chrome 56 (January 2017)
• Mozilla Firefox announced deprecation of SHA-1 in Firefox 51 (February 2017)
• Microsoft announced blocking SHA-1 signed TLS certificates (January 2017)

Most certificates now use SHA-256 hash algorithms. This can be found under the “Details” tab when inspecting a certificate on a website.

13. Is the Certificate Issued by Symantec?

Back in January 2017, the public was made aware of some bad practices on Symantec’s part when it comes to how they issued certificates. Essentially they didn’t comply with the industry standard CA/browser forum baseline requirements. It also turned out that they had been aware of this for some time. Because of this, browsers decided to no longer support certificates issued by Symantec.  If a website is still using a certificate issued by them the “your connection is not private” error might appear.

The timeline for this is still rolling out:

• Google Chrome Symantec timeline
• Mozilla Firefox Symantec timeline
• Microsoft will most likely be following suit, although they haven’t made an official statement yet.

Using a Symantec certificate can result in the accompanying error code: NET::ERR_CERT_SYMANTEC_LEGACY.

14. Run an SSL Server Test

If you’re not sure if everything is set up correctly on your website or someone else’s, you can always run an SSL server test. SSL/TLS certificates require not only your main certificate but also what they call intermediate certificates (chain) to also be installed. If you don’t have these set up properly, visitors could get a warning in their browsers, which in turn might drive them away. And depending on the browser and version, you may or may not see this warning if your certificate is setup incorrectly.

We recommend using the free SSL check tool from Qualys SSL Labs. It’s very reliable and we use it for all Kinsta clients when verifying certificates. Simply head over to their SSL check tool, input your domain into the Hostname field and click on “Submit.” You can also select the option to hide public results if you prefer. The scan might take a minute or two but it will show you all the fine details regarding a site’s SSL/TLS configuration.

Check out our in-depth tutorial on a couple things to check for when running an SSL test.

We’ve taken our knowledge of effective website management at scale, and turned it into an ebook and video course. Click here to download The 2023 Guide to Managing 60+ WordPress Sites!

15. Update Your Operating System

Older operating systems fall out of date with newer technologies such as TLS 1.3 and the latest cipher suites as browsers stop supporting them. Specific components in the latest SSL certs will simply stop working. Google Chrome, in fact, pulled the plug on Windows XP back in 2015. We always recommend upgrading to newer operating systems if possible, such as Windows 10 or the latest version of Mac OS X.

Make sure your device is up-to-date on Windows, Mac, or another operating system.

16. Restart Your Computer

We know it’s annoying, but it has to be mentioned. 😬 If none of the above options work, trying restarting your computer and even your router. We realize many of you probably have hundreds of tabs or applications open and that’s why we made this one of the last options. But rebooting devices actually clears out a lot of temporary cache and hiccups.

17. Reach out For Help

Still seeing the “your connection is not private” error? Don’t be afraid to reach out and ask for help. If you see this on your own site, feel free to open up a ticket with our Kinsta support team. We can help you determine why this might be happening and if it is indeed an issue on your website itself.

The Google Chrome Help Forums can also be especially helpful! You can guarantee there are users that have already experienced the same error or bug, and are ready to help.

18. Disable Chrome Checking SSL Certificates

You can also disable Chrome checking SSL certificates. However, we can’t stress enough, this is only meant for testing and development purposes. Don’t ever use the following options unless you know exactly what you’re doing.

Allow Invalid Certificates From localhost

If you’re testing locally, you might be able to use the Chrome flag to simply allow insecure connections from localhost. In Chrome, browse to: chrome://flags/. Search for “insecure” and you should see the option to “Allow invalid certificates for resources loaded from localhost.” Enable that option and restart your browser.

Disable Chrome Checking All SSL Certificates

You can tell Chrome to ignore all SSL certificate errors by passing the following at the command line at launch. If you’re on Windows simply right-click into the properties of the launcher. Then add --ignore-certificate-errors in the target field. Then restart Chrome.

Summary

Browser errors are never fun and can sometimes be difficult to troubleshoot. Hopefully one of the tips above will help you resolve the “your connection is not private” error as quickly as possible. Remember, these are typically caused by something misconfigured on your own computer or with the certificate on the website itself.

Was there anything we missed? Perhaps you have another tip on troubleshooting the connection error. If so, let us know below in the comments.

Kinsta works with thousands of different sites on a daily basis, so when it comes to different types of errors, we’ve pretty much seen it all. From database connection errors to the white screen of death, ERR_CACHE_MISS, and browser/TLS related issues.

Some of these for the everyday user can be downright frustrating and even scary at times. Depending on the type of error it could also mean downtime for your website, which means you’re losing money. Or it might just be that the browser on your computer needs fixing.

Check Out Our Video Guide to Fixing the “Your Connection is Not Private” Error

Today we’re going to dive into the “your connection is not private” error and walk you through some ways to get things working again. Read more below about what causes this error and what you can do to prevent it in the future.

What Is the “Your Connection is Not Private” Error?

The “your connection is not private” error only pertains to sites that are running over HTTPS (or should be running over HTTPS). When you visit a website, your browser sends a request to the server where the site is hosted. The browser then has to validate the certificate installed on the site to ensure it is up to current privacy standards. Other things that also take place include the TLS handshake, the certificate being checked against the certificate authority, and decryption of the certificate.

If the browser finds that the certificate isn’t valid, it will automatically try to prevent you from reaching the site. This feature is built into web browsers to protect the user. If the certificate isn’t set up correctly, this means data can’t be encrypted properly and therefore the site is unsafe to visit (especially those with logins or that process payment information). Instead of loading the site, it will deliver an error message, such as “your connection is not private.”

Why Is the “Your Connection Is Not Private” Error Appearing?

The main reason you may be seeing the “your connection is not private” error is that your browser is failing to verify a Secure Sockets Layer (SSL) certificate, which is necessary for security reasons.

An SSL certificate makes it possible to open an encrypted connection, because it is a text file installed on a web server that carries information such as the domain name that the certificate was issued for and which person, organization, or device owns the domain.

Considering all this, the error “your connection is not private” can happen because:

• The site’s SSL certificate is not valid or is missing.
• The SSL certificate was set up incorrectly.
• The server presented an SSL certificate for the wrong website.
• The SSL certificate does not contain variations on the domain name.

“Your Connection Is Not Private” Error Variations

There are quite a few different variations of this error depending upon which web browser you’re using, operating system, and even the configuration of the certificate on the servers. And while some of these errors sometimes mean slightly different things, a lot of times the troubleshooting steps are the same.

Your Connection Is Not Private in Google Chrome

In Google Chrome if there is an issue validating the certificate the error will show as “your connection is not private” (as seen below).

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

This is also accompanied by an error code message which helps to try and pinpoint the exact issue. Below are just some of the most common error codes you might see in Google Chrome:

• ERR_CERT_SYMANTEC_LEGACY
• NET::ERR_CERT_AUTHORITY_INVALID
• NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
• NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
• NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
• NET::ERR_CERT_DATE_INVALID
• ERR_SSL_PROTOCOL_ERROR
• ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Your Connection Is Not Secure in Mozilla Firefox

In Mozilla Firefox the error message varies slightly, and instead of “your connection is not private” you’ll see “your connection is not secure” (as seen below).

The owner of domain.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Just like in Chrome, it’s accompanied by an error code message which helps to try and pinpoint the problem. Below are just a couple of the most common error codes you might see in Mozilla Firefox:

• MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
• SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
• SEC_ERROR_EXPIRED_CERTIFICATE
• SEC_ERROR_UNKNOWN_ISSUER
• MOZILLA_PKIX_ERROR_MITM_DETECTED
• ERROR_SELF_SIGNED_CERT
• SSL_ERROR_BAD_CERT_DOMAIN

Your Connection Isn’t Private in Microsoft Edge

In Microsoft Edge, you will also see the error as “Your connection isn’t private.”

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

These are also accompanied by an error code message. Below are just a couple of the most common error codes:

• NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
• Error Code: 0
• DLG_FLAGS_INVALID_CA
• DLG_FLAGS_SEC_CERT_CN_INVALID

This Connection Is Not Private in Safari

In Safari, you will see the error as “Your connection is not private.”

This website may be impersonating “domain.com” to steal your personal or financial information. You should go back to the previous page.

How To Fix the “Your Connection Is Not Private” Error

Sometimes you might not even know where to begin if you’re seeing a “your connections is not private” error. From our experience, these errors typically originate from two things: the first is a client-side issue (your browser, computer, OS), and the second is that there is an actual problem with the certificate on the website (expired, wrong domain, not trusted by the organization). So we’ll dive into a little of both.

Here are some recommendations and things to check to fix the error (sorted in order by most common reasons we see):

1. Try Reloading the Page

This might seem a little obvious to some, but one of the easiest and first things you should try when encountering a “your connection is not private” error is to simply close and re-open your browser and try loading the page again. It could be that the website owner is currently reissuing their SSL certificate or something was out of whack in your browser.

2. Manually Proceed (Unsafe)

Your second option is to simply manually proceed. However, we don’t ever recommend doing this unless you fully understand that nothing will be encrypted if you proceed. If you’re going to be entering in login credentials or entering payment details, by all means, skip to the next steps below.

We only include this option so we can explain the full ramifications of doing this. Seeing this error could very well mean that someone’s trying to fool you or steal any info you send to the server and you should typically close the site immediately. It is also possible that the website has been compromised and there is a malicious redirection. If you’re in a public place, never try to bypass this screen.

If you still want to proceed, there is usually a “Proceed to domain.com” link you can click at the bottom of the error screen. Depending on the browser this is sometimes hidden under the “Advanced” option. Note: If the website is using HSTS (HTTP Strict Transport Security) this option won’t be available as it means they have implemented an HTTP header which never allows non-HTTPS connections.

3. Are You in a Cafe or Airport?

This might sound odd, but cafes ☕ and airport Wi-Fi networks tend to be one of the most popular places that users see the “your connection is not private” error. Why? Because a lot of them are still not running everything over HTTPS, or if they are, it isn’t configured correctly. This usually pertains to the portal screen where you need to accept the terms and agreement to sign in. If you’re trying to connect to an HTTPS (secure) site before accepting the portal’s terms this error could pop up. Here are some easy steps to get around it.

1. Connect to the cafe or the airport’s Wi-Fi.
2. Browse to a non-HTTPS site, such as http://www.weather.com.
3. The sign-in page should then open. You can accept the terms and then log in. Due to the fact that the terms are usually just consisting of a checkbox, you shouldn’t be too concerned if it isn’t running over HTTPS. Once connected you can then browse to sites over HTTPS. Tip: If you can’t get the sign-in page to open, you could also try typing 1.1.1.1 into your browser (source).

Remember, whenever you’re using public Wi-Fi a VPN can help protect you even further by hiding your traffic. Here are a couple popular ones you might want to check out:

• Private Internet Access
• TunnelBear
• NordVPN

4. Check Your Computer’s Clock

Another very common reason that you might see the “your connection is not private” error is that your computer’s clock is messed up. Browsers rely on these to be correctly synced up to verify the SSL certificate. This can easily happen if you just purchased a new computer, especially laptops on Wi-Fi for the first time. They don’t always sync up automatically after your first login. Below are the steps to update the time on your computer. Note: This can also happen on mobile devices.

Windows

1. Right-click the time in the bottom right-hand task tray.
2. Select “Adjust date/time.”
   
3. Select “Set time automatically” and optionally “Set time zone automatically.” This will update according to one of Microsoft’s NTP servers. Double check the time in the bottom right-hand task tray to make sure it’s correct. If not, you can click on the “Change” button to manually select a time zone.
   
4. Close your browser and re-open it. Then try revisiting the website.

Mac

1. From the Apple menu click on “System Preferences”
2. Click the Date & Time icon. If the padlock appears at the bottom of the window you might need to click it and enter your administrator username and password.
3. Select “Set date & time automatically.” This will update according to one of Apple’s NTP servers.
4. Select the Time Zone tab. If it doesn’t determine your location automatically simply uncheck it so you can manually set it. On the map select your time zone region and city.
5. Close your browser and re-open it. Then revisiting the website.

5. Try in Incognito Mode

Our next recommendation would usually be to clear your browser’s cache. However, that’s easier said than done for a lot of us. 😉 If you want to check if it might be your browser cache, without clearing your cache, you can always open up your browser in incognito mode. Or test another browser and see if you still see the “your connection is not private” error. Don’t rule out Chrome extensions either. But this will help you test that.

In Mozilla Firefox Incognito mode is referred to as “New private window.” In Microsoft Edge, it’s referred to as “New InPrivate Window.”

6. Clear Browser Cache and Cookies

If you think it might be your browser, clearing your browser cache is always a good troubleshooting step before diving into more in-depth troubleshooting. Below are instructions on how to do it in the various browsers:

• How to Force Refresh a Single Page for All Browsers
• How to Clear Browser Cache for Google Chrome
• How to Clear Browser Cache for Mozilla Firefox
• How to Clear Browser Cache for Safari
• How to Clear Browser Cache for Internet Explorer
• How to Clear Browser Cache for Microsoft Edge
• How to Clear Browser Cache for Opera

Check Out Video Guide to Clearing Browser Cache

7. Try Clearing the SSL State on Your Computer

Clearing the SSL state in Chrome is often overlooked but can come in very handy and is easy to try. Just like clearing your browser’s cache this can help if things get out of sync. To clear the SSL state in Chrome on Windows, follow these steps:

1. Click the Google Chrome – Settings icon (Settings) icon, and then click Settings.
2. Click Show advanced settings.
3. Under Network, click Change proxy settings. The Internet Properties dialog box appears.
4. Click the Content tab.
5. Click “Clear SSL state”, and then click OK.
6. Restart Chrome.

If you are on a Mac, see these instructions on how to delete an SSL certificate.

8. Change DNS Servers

The next thing you can try is changing your DNS servers. We’ve actually seen the “your connection is not private” error happen before when using Google’s Public DNS (8.8.8.8 and 8.8.4.4) or Cloudflare’s DNS (1.1.1.1 and 1.0.0.1). Removing this and defaulting back to your ISP’s DNS servers can sometimes fix DNS errors. Google and Cloudflare aren’t perfect 100% of the time and we’ve issues occur now and then.

To do this on Windows, go to your network connection properties and make sure “Obtain DNS server address automatically” is selected. If you’ve added Google’s Public DNS or Cloudflare’s DNS to your router, you might also have to remove it from there.

9. Disable VPN and Antivirus Temporarily

Sometimes VPNs and Antivirus software can conflict or override your network settings, including blocking certain SSL certificates or connections. If you have any running, try temporarily disabling them (closing them) or turning off their “SSL Scan” feature to see if it resolves the “your connection is not private” error in Chrome.

10. Make Sure the Certificate Hasn’t Expired

SSL certificates expiring without the website owner’s knowledge happens all the time. In fact, a lot more than you might think. Even to Fortune 500 companies! We were able to find this tweet below within a matter of a few seconds. No big deal, just Huntington Bank forgetting to renew their SSL certificate. 😨

@Huntington_Bank It seems like the SSL certificate on your site for logging into my account has expired. Google Chrome is giving me a warning every time and does not let me sign in. Please help.

— Jonathon Kay (@jonathonkay29) August 13, 2018

Typically this happens due to the following reasons:

• The website owner doesn’t have auto-renew enabled with the domain registrar or SSL certificate provider.
• Auto-renew is enabled but payment fails because the user has forgotten to update their payment method. Users typically change credits cards more frequently than they access their domain registrar’s dashboard throughout the year.
• The website owner uses a free Let’s Encrypt certificate which expires every 90 days and they don’t have a script in place to renew it, or they forget. At Kinsta, we’ve automated this process so you never have to worry about your free SSL certificates expiring.

This results in an accompanying error code: NET::ERR_CERT_DATE_INVALID.

You can easily check a certificate’s expiration date by opening up Chrome DevTools while you’re on the site. Click on the security tab and click on “View certificate.” The “Valid from” dates will show in the certificate information.

Another quick and easy way to access a site’s SSL certificate information in Chrome is to click on the padlock in the address bar. Then click on “Certificate.”

11. Check Subject Alternative Domain

Each certificate has what they call the Subject Alternative Name. This includes all the domain name variations for which the certificate is issued to and valid for. It’s important to note that https://domain.com and https://www.domain.com are treated as two separate domains (just like a subdomain).

If you’re seeing an accompanying error code such as SSL_ERROR_BAD_CERT_DOMAIN, it could be that a certificate is not registered properly on both variations of the domain. This is less common nowadays as sites usually have HTTPS redirects in place. At Kinsta you can generate your free HTTPS certificate for both www and non-www.

This could also happen if you just changed domain names. For example, perhaps you just acquired that shiny new .com address and moved from your old domain. If you forget to install an SSL certificate on your new domain, then a NET::ERR_CERT_COMMON_NAME_INVALID error will most likely occur.

12. Is the Certificate SHA-1?

SHA-1 is a cryptographic hash algorithm once commonly used by SSL certificates on the web. SHA-1 though has shown signs of weaknesses and therefore is no longer supported in any current browser. If a website is still using a certificate with this old algorithm the “your connection is not private” error will appear.

• Google Chrome removed support for SHA-1 in Chrome 56 (January 2017)
• Mozilla Firefox announced deprecation of SHA-1 in Firefox 51 (February 2017)
• Microsoft announced blocking SHA-1 signed TLS certificates (January 2017)

Most certificates now use SHA-256 hash algorithms. This can be found under the “Details” tab when inspecting a certificate on a website.

13. Is the Certificate Issued by Symantec?

Back in January 2017, the public was made aware of some bad practices on Symantec’s part when it comes to how they issued certificates. Essentially they didn’t comply with the industry standard CA/browser forum baseline requirements. It also turned out that they had been aware of this for some time. Because of this, browsers decided to no longer support certificates issued by Symantec.  If a website is still using a certificate issued by them the “your connection is not private” error might appear.

The timeline for this is still rolling out:

• Google Chrome Symantec timeline
• Mozilla Firefox Symantec timeline
• Microsoft will most likely be following suit, although they haven’t made an official statement yet.

Using a Symantec certificate can result in the accompanying error code: NET::ERR_CERT_SYMANTEC_LEGACY.

14. Run an SSL Server Test

If you’re not sure if everything is set up correctly on your website or someone else’s, you can always run an SSL server test. SSL/TLS certificates require not only your main certificate but also what they call intermediate certificates (chain) to also be installed. If you don’t have these set up properly, visitors could get a warning in their browsers, which in turn might drive them away. And depending on the browser and version, you may or may not see this warning if your certificate is setup incorrectly.

We recommend using the free SSL check tool from Qualys SSL Labs. It’s very reliable and we use it for all Kinsta clients when verifying certificates. Simply head over to their SSL check tool, input your domain into the Hostname field and click on “Submit.” You can also select the option to hide public results if you prefer. The scan might take a minute or two but it will show you all the fine details regarding a site’s SSL/TLS configuration.

Check out our in-depth tutorial on a couple things to check for when running an SSL test.

We’ve taken our knowledge of effective website management at scale, and turned it into an ebook and video course. Click here to download The 2023 Guide to Managing 60+ WordPress Sites!

15. Update Your Operating System

Older operating systems fall out of date with newer technologies such as TLS 1.3 and the latest cipher suites as browsers stop supporting them. Specific components in the latest SSL certs will simply stop working. Google Chrome, in fact, pulled the plug on Windows XP back in 2015. We always recommend upgrading to newer operating systems if possible, such as Windows 10 or the latest version of Mac OS X.

Make sure your device is up-to-date on Windows, Mac, or another operating system.

16. Restart Your Computer

We know it’s annoying, but it has to be mentioned. 😬 If none of the above options work, trying restarting your computer and even your router. We realize many of you probably have hundreds of tabs or applications open and that’s why we made this one of the last options. But rebooting devices actually clears out a lot of temporary cache and hiccups.

17. Reach out For Help

Still seeing the “your connection is not private” error? Don’t be afraid to reach out and ask for help. If you see this on your own site, feel free to open up a ticket with our Kinsta support team. We can help you determine why this might be happening and if it is indeed an issue on your website itself.

The Google Chrome Help Forums can also be especially helpful! You can guarantee there are users that have already experienced the same error or bug, and are ready to help.

18. Disable Chrome Checking SSL Certificates

You can also disable Chrome checking SSL certificates. However, we can’t stress enough, this is only meant for testing and development purposes. Don’t ever use the following options unless you know exactly what you’re doing.

Allow Invalid Certificates From localhost

If you’re testing locally, you might be able to use the Chrome flag to simply allow insecure connections from localhost. In Chrome, browse to: chrome://flags/. Search for “insecure” and you should see the option to “Allow invalid certificates for resources loaded from localhost.” Enable that option and restart your browser.

Disable Chrome Checking All SSL Certificates

You can tell Chrome to ignore all SSL certificate errors by passing the following at the command line at launch. If you’re on Windows simply right-click into the properties of the launcher. Then add --ignore-certificate-errors in the target field. Then restart Chrome.

Summary

Browser errors are never fun and can sometimes be difficult to troubleshoot. Hopefully one of the tips above will help you resolve the “your connection is not private” error as quickly as possible. Remember, these are typically caused by something misconfigured on your own computer or with the certificate on the website itself.

Was there anything we missed? Perhaps you have another tip on troubleshooting the connection error. If so, let us know below in the comments.

Разработчики большинства веб-обозревателей прикладывают все усилия, чтобы обеспечить своим пользователям безопасный веб-серфинг. В частности, если браузер Google Chrome заподозрит неладное, то на вашем экране отобразится сообщение «Ваше подключение не защищено».

Что означает «Ваше подключение не защищено»?

Подобная проблема означает лишь то, что у запрашиваемого сайта проблемы с сертификатами. Данные сертификаты нужны в том случае, если веб-сайт использует защищенное подключение HTTPS, а это на сегодняшний день подавляющее большинство сайтов.

При переходе на веб-ресурс Google Chrome в обаятельном порядке проверяет не только наличие у сайта сертификатов, но и сроки их действия. И если у сайта имеется сертификат с истекшим сроком действий, то, соответственно, доступ к сайту будет ограничен.

Как убрать сообщение «Ваше подключение не защищено»?

Прежде всего хочется оговориться, что каждый уважающий себя сайт всегда имеет актуальные сертификаты, т.к. только таким образом может быть гарантирована безопасность пользователей. Устранять проблемы с сертификатами можно только в том случае, если вы на все 100% уверены в безопасности запрашиваемого сайта.

Способ 1: установка верных даты и времени

Часто при переходе на безопасный сайт сообщение «Ваше подключение не защищено» может возникнуть из-за того, что на вашем компьютере установлены неправильные дата и время.

Устранить проблему достаточно просто: для этого лишь достаточно изменить дату и время в соответствии с текущими. Для этого щелкните левой кнопкой мыши по времени в трее и в отобразившемся меню щелкните по кнопке «Параметры даты и времени».

Желательно, чтобы у вас была активирована функция автоматического задания даты и времени, тогда система сможет настроить данные параметры с высокой точностью. Если же это невозможно, задайте данные параметры вручную, но на этот раз, чтобы дата и время соответствовали текущему моменту для вашего часового пояса.

Способ 2: отключение блокирующих расширений

Различные VPN-расширения запросто могут провоцировать неработоспособность некоторых сайтов. Если у вас установлены расширения, которые, например, позволяют получить доступ к заблокированным сайтам или сжимают трафик, то попробуйте их отключить и проверить работоспособность веб-ресурсов.

Чтобы отключить расширения, щелкните по кнопке меню браузера и в отобразившемся списке перейдите к пункту «Дополнительные инструменты» – «Расширения».

На экране отобразится список расширений, где вам потребуется отключить все дополнения, которые связаны с параметрами интернет-соединения.

Способ 3: устаревшая версия Windows

Данная причина неработоспособности веб-ресурсов не касается пользователей Windows 10, т.к. в ней отключить автоматическую установку обновлений не представляется возможным.

Однако, если у вас более младшая версия ОС, и вы отключили автоматическую установку обновлений, то вам следует обязательно проверить наличие новых обновлений. Выполнить проверку обновлений можно в меню «Панель управления» – «Центр обновления Windows».

Способ 4: устаревшая версия браузера или сбой в работе

Проблема может заключаться и в самом браузере. Прежде всего, вам потребуется проверить наличие обновлений для браузера Google Chrome. Так как мы прежде уже рассказывали об обновлении Google Chrome, то на данном вопросе останавливаться не будем.

Читайте также: Как полностью удалить Google Chrome с компьютера

Если данная процедура вам не помогла, следует выполнить полное удаление браузера с компьютера, а затем установить его снова с официального сайта разработчика.

Скачать браузер Google Chrome

И только после того, как браузер будет полностью удален с компьютера, можно приступать к его загрузке с официального сайта разработчика. Если проблема заключалась именно в браузере, то после завершения установки сайты будут без проблем открываться.

Способ 5: ожидание обновления сертификатов

И, наконец, все же стоит предположить, что проблема заключается именно в веб-ресурсе, который вовремя не обновил сертификаты. Здесь вам не остается ничего больше, как ждать обновления веб-мастером сертификатов, после чего доступ к ресурсу будет возобновлен.

Сегодня мы рассмотрели основные способы борьбы с сообщением «Ваше подключение не защищено». Обратите внимание, что перечисленные способы актуальны не только для Google Chrome, но и для других браузеров.

You’ve likely come across a privacy warning or error as you’ve searched the internet before — it can instantly cause a rush of panic. Have you accidentally clicked a spam link? Has your information been compromised?

It can be especially concerning if this happens on your own website — you might wonder if you’ve been hacked or if your audience will stop visiting your site due to such an error.

Luckily, this is actually a common error that you can solve as well as prevent from happening again in the future by following a few simple tips. In this post, we’ll tell you how to fix the error, “Your Connection is Not Private.”

• What does «Your Connection is Not Private» mean?
• HTTP vs HTTPS
• How to Fix «Your Connection is Not Private»

What does “Your Connection is Not Private” mean?

When you visit a website, you may notice there’s often a small lock symbol in the URL bar. Or, you may see HTTPS at the beginning of the URL. Both of these things mean the website is secure.

To access a website, your browser sends a request to the host server of that website. The host server then sends the website’s certifications to prove the site is safe and secure. But if the certificate isn’t validated by your browser for any reason, you’ll be greeted with the ominous “Your Connection is Not Private” error message like the one pictured below.

Image Source

This likely means there’s an issue with the website’s SSL certificate. As a user, your data could be compromised if you move forward. And as a business, you don’t want your site visitors to see this error — you’ll want to fix it as soon as possible to restore your website’s security and let visitors know they’re safe on your website.

What is an SSL certificate?

SSL stands for Secure Socket Layer, and this is a type of encryption that shields user data from hackers. An SSL certificate is particularly important for websites that sell goods and services, as this certification helps protect users’ payment information.

If the SSL certificate is expired or works for only a website’s domain but not its subdomains, the “Your Connection is Not Private” error will appear. It’s also possible to obtain SSL certification from unknown organizations, but if your browser doesn’t identify the source as trustworthy, this error will also appear.

HTTP vs. HTTPS

In the earlier days of the internet, you might recall seeing just HTTP in the URL for most websites. Although HTTPS was released in 1995, it wasn’t widely used until the 2010s.

Nowadays, more than 46 million websites on the internet are encrypted, meaning they include HTTPS in the URL. HTTP means the website is not encrypted which makes it easier for hackers to compromise a website. Security certifications like SSL were once more expensive, but the importance of protecting user data (and by extension, visitor trust) has led many established platforms to offer website owners SSL certificates for free.

Plus, switching to HTTPS is beneficial for websites, as Google and other search engines prioritize encrypted websites in search rankings.

Learn more about website optimization and how to do it by taking this free course.

So what exactly are you supposed to do if you come across a “Your Connection is Not Private” error on another website or your own? The steps below will walk you through exactly how to fix this issue.

1. Reload the web page.

Refresh the page or close your browser, reopen it, and visit the website again. There could have been a glitch on either party’s end, or your browser’s server request could have failed. Sometimes simply reloading the page will do the trick.

2. Check your Wi-Fi.

That free Wi-Fi at your local cafe can be handy, but public Wi-Fi is one of the top reasons a user may get the “Your Connection is Not Private” error. Public Wi-Fi typically runs on HTTP, and you’ll receive the error as a warning that your connection is not encrypted.

Public Wi-Fi networks often have a portal page where you have to sign in and accept terms and agreements before you can access HTTPS websites.

Pro Tip: If you must use public Wi-Fi, consider installing a virtual private network (VPN) to protect your identity.

3. Look at the Date and Time on Your Device.

If your computer’s date and time don’t match up with those shown on your browser, this privacy error could appear. Also, an incorrect date and time may show the SSL certificate of a website as expired which would also lead to the error.

Go into your computer settings to check the date and time and correct them if necessary. Then reload the page.

4. Go incognito.

“Incognito Mode” means your browser will not save information on your browsing habits. By going incognito, you can check to see if your cache is causing the privacy error.

If you aren’t receiving the “Your Connection is Private” error while searching incognito, then try clearing your cache. You can also use another browser to visit the website, as some browser extensions may lead to the error.

5. Clear your cookies and cache.

Your cookies and cache store information about your browsing actions to make using the internet more efficient. For example, it can save your searches and the websites you frequent, making connecting to those websites or search results even faster the next time you need them.

But this saved data could cause issues if it isn’t refreshed periodically. If the connection privacy error occurs, go into your browser settings > history > clear cookies and cache.

Close the browser and reopen it — then revisit the page.

6. Check your antivirus software.

Antivirus software is meant to protect you from websites that aren’t secure, but it can also conflict with your browser’s ability to do the same thing. Temporarily turn off your software after receiving the error, then visit the website again.

If the error is gone, your antivirus software has been overriding your network. If the error persists, you can re-enable your antivirus software and test one of the other methods to identify the problem.

7. Update the operating system.

Google suggests updating your device’s operating system if you receive this error. An outdated device may not be compatible with or capable of recognizing updated websites and SSL certificates.

To update an operating system on macOS, go to your system preferences > software update. Check for updates and install them.

On a Windows computer, go to the control panel > search for update > Check for updates and install them.

Image Source

8. Carefully proceed.

If all else fails, you can go into Advanced Settings on the «Your Connection is Not Private» screen and proceed to the website, but this is not recommended. The error is there for a reason.

If you’ve tried every method of fixing the issue and it persists, it means your connection isn’t secure.

By proceeding, you are taking a huge risk with your personal data. We cannot stress this enough — proceeding “with caution” is not recommended.

Stay Safe and Secure While Browsing Online

The “Your Connection is Not Private” error is one of the most helpful messages you can receive because it keeps you and your personal information safe. Simply coming across this error isn’t cause for concern as there are many innocuous reasons why your connection may not be secure.

By testing the methods above to resolve the error, you can efficiently target and resolve the root cause of the error. If none of the above steps make the error message go away, simply step away from the website to avoid putting your data at risk and find an alternative website option.

Editor’s note: This post was originally published in January 2021 and has been updated for comprehensiveness.