As we all know, when it comes to protecting its users’ data, Google follows some rather tight security protocols. When using Chrome, Google informs users when they come across dangerous or malicious websites. One of them is Your Connection Is Not Private.
Though it informs users about websites that appear to be malicious, it can be aggravating when it blocks legitimate websites. If you’ve recently encountered this mistake, we recommend that you read our article to learn how to fix it.
What Does the Error “Your Connection Is Not Private” Mean?
When you try to access websites that use HTTPS, you seem to get the Your Connection Is Not Private problem (Hyper Text Transfer Protocol).
The majority of us understand how a website is accessed from a server. To summarise, when a user types the URL/name of a webpage into their browser and presses enter, the browser sends a request to the server that hosts the site.
The browser must additionally evaluate the site’s certificate to ensure that it complies with current privacy standards and is legitimate. These certificates are also checked against the certificate authority during the TLS handshake.
If the browser determines that the certificate is invalid or could lead to a data breach, the browser will prevent the user from visiting the website. Most browsers have this feature built in to protect their users’ privacy.
In other words, if the certificate does not appear to be valid, data received or sent from that webpage cannot be properly encrypted, making it hazardous for the user to visit the website (especially, with login credentials or payments with or without gateways).
As a result, the browser displays the error message Your Connection Is Not Private and the requested page is not loaded.
Error Variations: Your Connection Is Not Private
When it comes to the variables that produced the issue, they could be the web browser you’re using, your operating system, or the certificate configuration on the servers. Even if the issues aren’t caused by the same thing, the troubleshooting processes are always the same.
Chrome is a web browser developed by Google.
If you use Google Chrome, you may have observed that if there is an issue validating the certificate, the following error appears along with the message Your Connection Is Not Private.”
“Attackers may be attempting to steal your information from domain.com (such as passwords, messages, or credit cards).”
Google also tries to specify the specific issue by mentioning each one. Check out the list below for some of the most common error codes that appear in the Chrome browser.
1.ERR CERT SYMANTEC LEGACY = ERR CERT SYMANTEC LEGACY = ERR CERT SY
2. ERR CERT AUTHORITY INVALID (NET::ERR CERT AUTHORITY INVALID)
3. ERR CERT COMMON NAME INVALID NET::ERR CERT COMMON NAME INVALID NET::ERR CERT COMMON_ (this occurs when the certificate does not match the domain)
4. ERR CERT WEAK SIGNATURE ALGORITHM (NET::ERR CERT WEAK SIGNATURE ALGORITHM)
5. NTE::ERR CERTIFICATE TRANSPARENCY REQUIRED NTE::ERR CERTIFICATE TRANSPARENCY REQUIRED
6. NET::ERR CERT DATE INVALID NET::ERR CERT DATE INVALID NET::ERR CERT_
7. SSL certificate error
ERR SSL VERSION OR CIPHER MISMATCH ERR SSL VERSION OR CIPHER MISMATCH ERR SSL VERSION_
Firefox is a web browser developed by Mozilla.
The error message “Your Connection Is Not Private is displayed along with the following content for Firefox users.
“The domain.com owner has set up their website incorrectly. Firefox has not linked to this website to safeguard your information from being stolen.”
Firefox additionally specifies the error codes alongside the message so that users may figure out why the error occurred in the first place.
1. MOZILLA PKIX ERROR ADDITIONAL POLICY CONSTRAINT FAILED MOZILLA PKIX ERROR ADDITIONAL POLICY CONSTRAINT FAILED
2. SEC ERROR EXPIRED ISSUER CERTIFICATE SEC ERROR EXPIRED ISSUER CERTIFICATE
3. EXPIRED CERTIFICATE ERROR SEC ERROR EXPIRED CERTIFICATE
4. SEC ERROR UNKNOWN ISSUER (SEC ERROR UNKNOWN ISSUER) (SEC ERROR
5. MOZILLA PKIX ERROR MITM DETECTED MOZILLA PKIX ERROR MITM DETECTED ERROR SELF SIGNED CERT
6. ERROR SELF SIGNED CERT
SSL ERROR BAD CERT DOMAIN is a type of SSL ERROR BAD CERT DOMAIN.
Microsoft Edge is a browser developed by Microsoft.
When using Microsoft Edge, the error message “Your Connection Is Not Private” is displayed.
“Attackers may be attempting to steal your information from domain.com (such as passwords, messages, or credit cards).”
Microsoft Edge additionally shows a variety of error codes on the user’s screen to help them figure out what’s wrong:
1. ERR CERT COMMON NAME INVALID NET::ERR CERT COMMON NAME INVALID NET::ERR CERT COMMON_ (this occurs when the certificate does not match the domain)
2. Code of Error: 0
3. DLG FLAGS INVALID CA DLG FLAGS INVALID CA
DLG FLAGS SEC CERT CN INVALID is one of the DLG FLAGS SEC CERT CN INVALID flags.
Safari is the most popular browser on Mac OS or iOS, and it’s where the error notice “Your Connection Is Not Private appears.
“The website could be pretending to be “domain.com” in order to steal your personal or financial information. You should return to the previous page.”
How to Resolve the Error “Your Connection Is Not Private”
Because most of us visit a variety of websites on a daily basis, this type of error is extremely prevalent. As previously stated, the mistake might be caused by two basic issues.
It’s either a user-side issue (your browser, operating system) or a unique problem with the website’s certificate (Wrong domain, Not legit, not trusted by the organization). Let’s take a look at both issues in this essay.
Methods to Identify and Correct the Problem are Listed
For best results, go through the list in order from top to bottom.
Method 1: Reloading the Page
Some users may think it’s foolish, but reloading the website can solve a variety of problems, including connection troubles, poor network, and so on. This is why, if you see an error message that says Your Connection Is Not Private’ you should close your browser and reopen it.
It’s possible that the website owner is attempting to reissue his or her own SSL certificate. It’s also possible that the browser has malfunctioned.
Method 2: Proceed Manually (Unsafe)
This procedure is quite dangerous. Regardless of the issue, it is manually continue with the website. Most technicians advise against using this strategy since it could result in a massive data leak. Especially when you’re trying to enter your login credentials or make a credit/debit card payment.
This option should only be used if you are completely aware of the browser’s intentions. The owner of the website is attempting to steal your data that you transfer via the web to its server, which is why you are seeing this message. As a result, it is in the user’s best interest to abandon the webpage as soon as possible.
Users should keep in mind that if this issue appears while they are in a public location, shutting it would be the best option.
If you still want to access the website, look under the error message for a button labelled “continue to domain.com.” It can also be turned off depending on your browser settings. So look into the “Advanced” option.
Note that if your website uses HSTS (HTTP Strict Transport Security), this option will not be available to you since they have already defined an HTTP header that prevents non-HTTPS connections from passing through the browser.
If you’re unsure or don’t want to go through the process manually, try the options listed below to discover a suitable answer.
Method 3: Do you happen to be in a café or an airport?
You may have observed that this error message appears more frequently in places such as a café or an airport. It’s either because a big number of websites are still using HTTPS, or it’s because it’s not configured properly.
As a result, the error will remain on the screen until you accept the agreement’s terms and conditions to sign in. If you refuse to accept the portal’s terms in order to connect to an HTTPS site, the error message will keep appearing.
Follow the instructions below:
Step 1: Connect to the network of the café or airport’s Wi-Fi.
Step 2: Go to any site that isn’t HTTPS, such as http://www.airlines.com.
Step 3: As previously stated, a sign-in page should now appear. You must first accept the terms before logging in. Because the terms include a tick, you won’t have to bother about using HTTPS. After you’ve established a secure connection, you can visit the websites you want using HTTPS.
If you can’t find the sign-in page, type 22.214.171.124 into your browser’s address bar.
We’d also want to point out that when using public Wi-Fi, a VPN can assist safeguard you by masking your traffic. We’ve compiled a list of some of the most widely used VPNs:
1. Internet Access with Confidentiality
Method 4: Check the Clock on your Computer
One of the most common causes of the “Your Connection Is Not Private error message is a malfunctioning computer clock. Most browsers rely heavily on the device clock being correctly synchronised in order to verify the SSL certificate.
The most common cause of clock disorientation is the acquisition of a new computer or laptop with Wi-Fi. It normally does not sync on its own after the first login. So, to set the right time on your device, follow the steps below.
Step 1: Right-click on the time option in the taskbar’s bottom right corner.
Step 2: Select the “Adjust date/time” option.
Step 3: Select “Set time automatically” and “Set time zone automatically” from the drop-down menus. These choices will update the time automatically using one of Microsoft’s NTP servers. Return to the task bar and double-check the time to ensure it is correct. Otherwise, use the change button to manually change the time zone.
Step 4: Close and reopen the browser. Finally, return to the website.
Step 1: Select “System Preferences” from your system’s apple menu.
Step 2: Select the Date & Time icon from the drop-down menu. If you see a padlock at the bottom of your window, try clicking it and entering your administrator name and password.
Step 3: Now choose “Automatically set date and time.” This will set the time on your computer to one of Apple’s NTP servers.
Step 4: After that, go to the Time Zone tab. If the location isn’t identified correctly, uncheck it and set it manually. Select your time zone area and city on the map.
Step 5: Close and reopen the browser. Return to the website now.
Method 5: Experiment with incognito mode.
This approach has been shown to be extremely safe. Users can also use incognito mode to browse the internet anonymously. This mode ensures the security of your data by preventing it from being stored on any server. However, you can try a different browser to see whether the Your Connection Is Not Private problem still occurs.
New incognito tab is where you’ll find Incognito mode in Google Chrome. “New private window” appears in Mozilla Firefox’s incognito mode. In Microsoft Edge, it’s referred to as a “InPrivate window.”
Method 6: Delete the Cache and Cookies in Your Browser
Clearing your browser’s cache and cookies can help with a variety of problems. It’s also straightforward to do with basic directions. To resolve the issue, consider clearing your browser cache and cookies before contacting your system maker or network provider. To learn how to do this in different browsers, click the links below.
Method 7: Try clearing your computer’s SSL state.
Although many users overlook this option, clearing the SSL state in Chrome, similar to clearing the cache and cookies in your browser, can be highly handy. Follow the steps below to get started:
Step 1: Open the Google Chrome browser and go to the top right corner of the window to the customise and control button. Select options from the drop-down menu.
Step 2: Select Show Advanced Settings from the drop-down menu.
Step 3: Select Change Proxy Settings from the Network section and press it. Internet properties is the name of the dialogue box that appears.
Step 4: In the menu, select the content tab.
Step 5: Click the Clear SSL state button under certificates and then the OK button.
Step 6: Restart Chrome to see if the modifications took effect.
If you’re using a Mac, go to this page to clear your SSL status.
Method 8: Change DNS Servers
Changing DNS servers has only worked for a few people. These issues have encountered frequently when using Google’s public DNS (8.8.8 and 126.96.36.199) or Cloud flare’s DNS (188.8.131.52 and 184.108.40.206).
We propose that you disable this and return to your IDP’s DNS server to see if that helps. Because a huge number of people utilise Google and Cloud flare DNS servers, it may be excellent.
Select “Obtain DNS server address automatically” from the network connection properties window. You can also close this window if you’ve connected your router to Google’s public DNS or Cloud flare’s DNS.
Method 9: Temporarily disable VPN and antivirus.
Certain VPNs and antivirus programmes may have built-in mechanisms that obstruct or override your network settings. This also covers the disabling of specific SSL certificates. If you have any third-party applications installed, disable them or turn off the “SSL scan” feature in their settings. Check to see if the issue “Your Connection Is Not Private has been resolved.
Check to see if the certificate hasn’t expired.
SSL certificates may expire without notifying the owner in the majority of cases. Even well-known companies have been known to forget to renew their SSL certificates. This is far more common than we realise. The following are the most common causes of this.
1. The domain registrar or SSL certificate supplier may have auto-renew enabled for the website owner to be notified.
2. Auto-renew may be turned on, but the payment fails; this typically occurs when the user forgets to update their current payment method. Users typically change payment cards more frequently than they view their domain registrar’s dashboard in a year.
3. The website owner may have been utilising a free Let’s Encrypt certificate as the third option. This normally lasts for more than 90 days, and they don’t keep a script to renew it.
4. The error code for this is NET::ERR CERT DATE INVALID.
5. It’s a good habit to verify your certificate’s expiration date on a regular basis. This is accomplished by using Chrome DevTools while browsing a website. By clicking on the Security tab, you may access the “View certificate” option. The certificate information is displayed in the “Valid from” dates.
6. A site’s SSL certificate can also be examined by hovering your mouse over the padlock in the URL bar. Finally, select “Certificate.”
Method 11: Check Subject Alternate Domain
Every certificate, it appears, will have a topic alternate domain. It contains domain name variations, especially for the certificate that was issued and is still valid. It’s important for users to remember that https://domain.com and https://www.domain.com are two separate domains.
The error code SSL ERROR BAD CERT DOMAIN is usually displayed alongside the problem message. If you see this, it means the certificate isn’t correctly registered on both domain variants. However, thanks to sites that use HTTPS, this is gradually decreasing.
This issue may also occur if you have recently changed your domain name. For instance, suppose you obtained a new.com address and decided to replace your previous domain. If you haven’t installed the SSL certificate on your new domain, you’ll see the error NET::ERR CERT COMMON NAME INVALID.
Method 12: Is the certificate SHA-1?
SHA-1 is well-known among those who work in the field of information security. SSL certificates on websites frequently use the SHA-1 cryptographic hash technique. Unfortunately, SHA-1 has degraded over time and is no longer supported by any modern web browser.
If the website you’re trying to access still utilises this ancient hash algorithm, you’ll most likely get the Your Connection Is Not Private error.
The following are some of the web browsers that have abandoned SHA-1.
1. In Chrome 56, Google Chrome dropped support for SHA-1 (January 2017).
2. In Firefox 51, Mozilla Firefox announced the retirement of SHA-1 (February 2017).
3. Microsoft has also announced that SHA-1 issued TLS certificates will be blocked (January 2017).
4. Also, keep in mind that the majority of certificates now employ the SHA-256 algorithms. You may check this by glancing at the “Details” tab while browsing a website’s certificate.
Method 13: Is the certificate issued by Symantec?
Users were notified in January 2017 that Symantec has engaged in several unethical actions in the process of providing certificates. Regrettably, they failed to achieve the CA/browser forum’s industry-standard baseline requirements. It was also discovered that the manufacturer has been aware of this for quite some time.
Because of this, browsers have opted to boycott Symantec certificates and refuse to support them. As a result, if the website you’re trying to access has a certificate issued by them, you can get an error saying Your Connection Is Not Private.
The following is the timeline as it unfolds:
1. Symantec timeline on Google Chrome
2. Symantec’s Mozilla Firefox timeline
3. Microsoft has yet to provide an official statement on the matter.
4. If your website appears to be using a Symantec certificate, you’ll notice the following problem code: NET::ERR CERT SYMANTEC LEGACY.
Method 14: Run an SSL Server Test
If the user is unsure whether he or she has properly set up everything on his or another’s website, the SSL Server comes to the rescue. SSL/TLS certificates will require the installation of both the primary and intermediate certificates.
If the website’s owner has not correctly deployed these certificates, users will almost certainly receive a warning error in their browser. As a result, they are unable to access the website. The warning about the wrongly setup certificate may be presented depending on the user’s browser and version.
There is a free SSL check tool available from Qualys SSL Labs that consumers can utilise. Certificate verification is really reliable. Go to this link and enter your domain name in the Hostname form before clicking the Submit button. Allow 2-3 minutes for the website to load and display the SSL/TLS configuration settings for the site.
Method 15: Make sure your operating system is up to date.
Every day, a new version of the operating system is released, and it is always growing and developing. When it comes to newer technologies like TLS 1.3 and the latest cypher sites, older operating systems are at a disadvantage. Certain components of the most recent SSL certificates will stop working.
Google, for example, stopped using Windows XP in 2015. As a result, it is always recommended to work with newer operating systems, such as Windows 10, by upgrading them on a regular basis.
Always keep an eye on the most recent updates for Windows, Mac, Linux, and other operating systems.
Method 16: Restart your computer
If none of the preceding suggestions worked, the most straightforward and straightforward approach to resolve the error is to restart the system as well as the network. Rebooting devices has been shown to clear unneeded cache and aid in the removal of the problem.
Method 17: Seek Assistance
Is the error Your Connection Is Not Private still visible on your screen? Also, if none of the aforementioned ways worked, don’t get too worked up. However, you should contact your system maker, network provider, or any technical support representative for assistance.
It’s worth noting that the Google Chrome Help Forums can be extremely helpful in locating a viable solution. There are people from all over the world here, and anyone who has encountered the same mistake may be able to assist you.
Method 18: Disable Chrome’s SSL Certificate Checking
Chrome users can easily turn off the SSL certificate verification feature. We do not totally suggest this strategy because it is only intended for testing and development. This procedure should not be used if you are not completely aware of what you are doing.
Allow Certificates with Invalid Signatures from a Local Host
You can use the Chrome flag to allow insecure connections from a local host if you’re testing locally. Go to Chrome and type chrome:/flags/ into the address bar. Now go to the next page and look for “insecure.” The option “Allow incorrect certificates or resources loaded from local host” may appear. Exit the browser after activating this option by enabling it. Restart your browser to see if the changes have taken effect.
Chrome will no longer check all SSL certificates.
By simply typing the following at the command line at launch, users can request that the Chrome browser disregard all SSL certificate errors. If you’re a Windows user, right-click on the launcher’s properties. In the target field, type —ignore-certificate-errors. Finally, Chrome should be restarted.
You’ve come a long way in your quest for an answer to your problems. I hope you were able to find a solution to the error Your Connection Is Not Private. We recommend that you only visit the safer sites and that you do not give the sites access to your personal information. Do not rush through websites that are risky or untrustworthy.