Today, we’ll look at how to fix the “your connection is not private” error and show you how to get things working again. Read more about the reasons for this problem and how to prevent it in the future.
We work with dozens of different WordPress sites daily, so we’ve seen it all when it comes to all forms of issues. From database connection failures to the white screen of death, ERR_CACHE_MISS, and browser/TLS troubles, there’s something for everyone. Some of them can be highly bothersome and sometimes even scary for the typical WordPress user. You can suffer from website downtimes, which means you are losing money, depending on the type of issue. It’s also possible that your computer’s browser needs to be updated.
Table of Contents
What Does the Error “Your Connection Isn’t Private” Mean?
The “Not private” error appears exclusively in HTTPS-enabled sites (or should be running over HTTPS). Your browser sends a request to the host server when you visit a website. The browser must then check that the certificate installed on the site complies with existing privacy requirements. The TLS handshake, the certificate checked against the certificate authority, and the certificate decrypted all of these things happen.
If the browser detects an invalid certificate, it will attempt to prevent you from accessing the site. To protect the user, web browsers include this function. If the certificate isn’t configured correctly, data can’t be encrypted properly, making the site hazardous to browse (especially for those with logins or who process payment information). Instead of loading the site, it will display an error message such as “your connection is not private“.
Google Chrome
If a Google Chrome certificate validation fault exists, the error “your connection is not private” appears.
This is also followed by an error code notice that aids in the identification of the exact problem. Here are a few of the most common error codes that you may see in Google Chrome:
- ERR_CERT_SYMANTEC_LEGACY
- NET::ERR_CERT_AUTHORITY_INVALID
- NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
- NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
- NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
- NET::ERR_CERT_DATE_INVALID
- ERR_SSL_PROTOCOL_ERROR
- ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Mozilla Firefox
The error notice on Mozilla Firefox is slightly different, and instead of “your connection is not private,” it says “your connection is not secure.”
It’s accompanied by an error code notice, just like Chrome, to assist you in figuring out what’s wrong. The following are a few of the most typical error codes that you may encounter with Mozilla Firefox:
- MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
- SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
- SEC_ERROR_EXPIRED_CERTIFICATE
- SEC_ERROR_UNKNOWN_ISSUER
- MOZILLA_PKIX_ERROR_MITM_DETECTED
- ERROR_SELF_SIGNED_CERT
- SSL_ERROR_BAD_CERT_DOMAIN
Microsoft Edge
The error “Your connection isn’t private” will also appear in Microsoft Edge.
These are also accompanied by a notification with an error code. The following are some of the most prevalent error codes:
- NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
- Error Code: 0
- DLG_FLAGS_INVALID_CA
- DLG_FLAGS_SEC_CERT_CN_INVALID
Interesting:- 8 Ways to Fix the “Your IT Administrator Has Limited Access” Error
Safari
The problem message in Safari is “Your connection is not private.”
How to Fix the Your Connection is Not Private Error
If you’re getting a “your connections are not private” issue, you might not know where to start. According to our experience, these problems are caused by two things: the first is a client-side issue (your browser, computer, or operating system), and the second is a problem with the website’s certificate (expired, wrong domain, not trusted by the organization). So we’ll do a little bit of both.
Interesting Blog:- 192.168.100.1: The Router Admin Page With The Easiest Access To Network Security
Here are some suggestions and things to look into to fix the problem:
1. Reload the Page
When getting a “your connection is not private” issue, one of the simplest and first things you should attempt is to close and re-open your browser and try loading the page again. The website owner may be reissuing their SSL certificate or failing to function in your browser.
2. Manually Proceed (Unsafe)
The second option is the handling of the procedure. We never advise you to do this unless you are sure your activities will not lead to encryption. Skip on to the next steps if you’re only going to be inputting login credentials or payment information.
This option is offered mainly so that we can thoroughly explain the consequences of doing so. If you see this error, someone is likely attempting to deceive you or steal any information you provide to the server, and you should close the site right away. You could potentially have hacked the website and inserted a misleading redirection. Never try to get around this screen in a public location.
If you still want to go, look for a link that says “Proceed to domain.com” near the bottom of the error screen. This is sometimes concealed under the “Advanced” option, depending on the browser. This option will not be available if the website uses HSTS (HTTP Strict Transport Security), which implies they have implemented an HTTP header that never accepts non-HTTPS connections.
You May Like:- Error Fixed – Your device is missing important security and quality fixes
3. Are You in a Cafe or Airport?
This may seem odd, but coffee shops and Wi-Fi connections at the airport are among the most typical sites where people get the “no private link” warning. Why? Because many do not always use HTTPS or if they are, they are not configured correctly. In general, it refers to the portal sign-in screen, which accepts the terms and conditions. This error could appear while attempting to connect to a (safe) HTTPS website before you agree to the terms of the portal. Some easy ways of doing that are here.
- Connect to the cafe or the airport’s Wi-Fi.
- Browse to a non-HTTPS site, such as http://www.techniciansnow.com
- 3. Then open the sign-in page. You can accept and log in to the terms. Because the terms are usually only a checkbox, if it doesn’t work via HTTPS, you shouldn’t be too concerned. You can then navigate to HTTPS sites once connected. Tip: You could attempt to type 1.1.1.1 in your browser if you cannot open the sign-in page, too (source).
Remember that a VPN might enable you to secure yourself by encrypting your data if you utilize public Wi-Fi. Here are many famous people to study:
- Private Internet Access
- TunnelBear
- NordVPN
4. Check Your Computer’s Clock
Another usual reason why you “do not have a private connection” is that your computer’s clock is out of sync. For verification, browsers rely on the right SSL certificate synchronization. If you recently bought a new computer and a Wi-Fi laptop in particular, you can simply do it. Normally, after your first login, they will not sync instantaneously. Here are the methods to make the time changes on your computer. It should be noted that mobile devices can do so too.
Windows
1. Right-click the time in the bottom right-hand task tray.
2. Select “Adjust date/time.”
3. Choose “Automatically set time” and, if desired, “Automatically set time zone.” One of Microsoft’s NTP servers will be used to update this. Make sure the time in the bottom right-hand task tray is correct by double-checking it. If not, you can manually select a time zone by clicking the “Change” option.
4. Close your browser and re-open it. Then try revisiting the website.
Mac
- From the Apple menu click on “System Preferences”
- Select the icon Date and Time. You may need to click on this padlock at the bottom of the window and enter the username and password of the administrator.
- Select “Set date & time automatically.” This will update according to one of Apple’s NTP servers.
- Select the Time Zone tab. You can set it manually if it does not automatically determine your location. Select the area and city of your time zone on the map.
- Close your browser and re-open it. Then revisiting the website.
5. Try in Incognito Mode
Clearing your browser’s cache is usually the next step we recommend. For many of us, though, this is easier said than done. You may always open your browser in incognito mode if you want to see if it’s your browser cache without clearing it. Alternatively, try using a different browser to see if the “your connection is not private” issue still appears. Chrome addons are also worth considering. However, this will assist you in putting that to the test.
Incognito mode is referred to as a “New private window” in Mozilla Firefox. It’s known as the “New InPrivate Window” in Microsoft Edge.
6. Clear Browser Cache and Cookies
Clearing your browser cache is always a smart troubleshooting step before getting into further in-depth troubleshooting if you suspect it’s your browser.
- Open Chrome on your PC.
- Click More More in the upper right corner.
- To clear browsing data, go to More tools and then Clear browsing data.
- Choose a time range at the top. Select All Time to erase everything.
- Check the boxes next to “Cookies and other site data” and “Cached pictures and files.“
- Clear the data by clicking the Clear button.
7. Try Clearing the SSL State on Your Computer
Clearing the SSL state in Chrome is sometimes ignored, but it may be quite useful and is simple to do. If things get out of sync, this can help, just like clearing your browser’s cache. Follow these steps to clear the SSL status in Chrome on Windows:
- Select Settings from the Google Chrome.
- Select Show Advanced Settings.
- Select Change proxy settings from the Network menu. A dialogue window called Internet Properties appears.
- Select the Content tab.
- Select “Clear SSL state”, and then click OK.
- Restart Chrome.
8. Change DNS Servers
Altering your DNS servers is the next step you can do. When using Google’s Public DNS (8.8.8 and 8.8.4.4) or Cloudflare’s DNS, we’ve experienced the “your connection is not private” issue before (1.1.1.1 and 1.0.0.1). DNS issues can occasionally be resolved by removing this and reverting to your ISP’s DNS servers. Google and Cloudflare are not always optimal, and we have encountered problems with them.
Go to Windows and check the box next to “Automatically obtain the DNS server address.” On your router, you might need to reinstall if you’ve installed Google’s Public DNS or Cloudflare’s DNS.
9. Disable VPN and Antivirus Temporarily
VPNs and antivirus software can sometimes interfere with or override your network settings, such as limiting SSL certificates or connections. If any are open, consider temporarily disabling them (closing them) or turning off their “SSL Scan” option to see if the “your connection is not private” problem in Chrome is resolved.
10. Make Sure the Certificate Hasn’t Expired
SSL certificates expire all the time without the website owner’s knowledge. In actuality, there’s a great deal more than you might think. Even Fortune 500 firms are affected! In a matter of seconds, we were able to locate the tweet below. Huntington Bank merely failed to renew its SSL certificate, which isn’t a big concern.
Typically this happens due to the following reasons:
- The domain registrar or SSL certificate supplier does not have auto-renew enabled for the website owner.
- Even if auto-renewal is permitted, there is no payment, since the payment method has not been updated by the user. Over the years, users often exchange payment cards more often than they see the dashboard of their domain registrar.
- The website owner is using a free Let’s Encrypt certificate that expires every 90 days, and they either don’t have a script in place to renew it or forget to do so. This process was automated, so you won’t have to worry about the completion of your Free SSL certificates.
As a result, the following error code appears NET::ERR CERT DATE INVALID.
By using Chrome DevTools while on the site, you may quickly check a certificate’s expiration date. To view a certificate, go to the security tab and select “View certificate.” The certificate information will include the “Valid from” dates.
Another fast and easy way to get information about the Chrome SSL certificate is by clicking on the padlock in the URL bar. Select “Certificate” afterward.
11. Check Subject Alternative Domain
The subject’s alternate name appears on each certificate. This includes any versions of the domain name for which the certificate is valid. It’s important to note that https://domain.com and https://www.domain.com are treated as two separate domains (just like a subdomain).
If you encounter an error number like SSL ERROR BAD CERT DOMAIN, it’s possible that a certificate isn’t correctly registered on both versions of the domain. Today, it is less frequent, as most sites are redirected to HTTPS.
This can also happen if your domain name has recently changed. For example, let’s say you’ve recently upgraded to a.com name from your previous one. A NET::ERR_CERT_COMMON_NAME_INVALID problem will most likely occur if you forget to install an SSL certificate on your new domain.
12. Is the Certificate SHA-1?
SHA-1 was once often used throughout the internet for SSL certificates as a cryptographic hash mechanism. SHA-1, however, has weaknesses and no contemporary browser supports it anymore. The error “your connection is not private” will show if a website is still utilizing a certificate that uses this obsolete algorithm.
- Google Chrome removed support for SHA-1 in Chrome 56 (January 2017)
- Mozilla Firefox announced the deprecation of SHA-1 in Firefox 51 (February 2017)
- Microsoft announced blocking SHA-1 signed TLS certificates (January 2017)
The SHA-256 Hash methods are now in most certifications. You can check on a certificate on a website under the ‘Details‘ section.
13. Is the Certificate Issued by Symantec?
In January 2017 Symantec notified the public when it came to issuing certificates of various unethical acts. In other words, they did not fulfill the minimum standards of the industry-standard CA/browser forum. You were also aware of it, it turned out for some time. As a result, browsers have opted to stop supporting Symantec certificates. The error “your connection is not private” may appear if a website is still utilizing a certificate provided by them.
The timeline for this is still rolling out:
- Google Chrome Symantec timeline
- Mozilla Firefox Symantec timeline
- Microsoft will most likely be following suit, although they haven’t made an official statement
Using a Symantec certificate can result in the accompanying error code: NET::ERR_CERT_SYMANTEC_LEGACY.
14. Run an SSL Server Test
You can always perform an SSL server test if you’re not sure if everything on your or someone else’s website is set up correctly. SSL/TLS certificates necessitate the installation of intermediate certificates in addition to your main certificate (chains). Visitors may receive a warning in their browsers if these are not correctly set up, which may drive them away. If your certificate is set up incorrectly, you may or may not receive this warning, depending on your browser and version.
15. Update Your Operating System
As new technologies like TLS 1.3 and the latest cipher suites stop being supported by browsers, existing system operators become obsolete. Specific components of the most recent SSL certificates will simply cease to function. In 2015, Google ceased supporting Windows XP. You should update to a new operating system like Windows 10 or, if possible, the latest version of Mac OS X.
Make sure your operating system or Windows, Mac, or others is up to date.
16. Restart Your Computer
We know how tedious it is, but it needs to be tackled. Try to reboot your computer or even your router if neither of the preceding solutions works. We realize many of you have hundreds of tabs or apps open so that’s one of the final options. Nevertheless, rebooting devices removes many transient caches and failures.
17. Reach out For Help
Do you still receive the problem “It’s not your private connection?” Do not hesitate to seek help. Please contact our support staff if you observe something similar on your WordPress site. We can help you to decide why and whether your website is a problem or not.
The Google Chrome Help Forums are also a great resource! You can be sure that other people have encountered the same mistake or glitch and are willing to assist.
18. Disable Chrome Checking SSL Certificates
Chrome can also be set to not check SSL certificates. However, we cannot emphasize enough that this is exclusively for testing and development. If you don’t know what you’re doing, don’t utilize the following options.
Allow Invalid Certificates From localhost
You might be able to use the Chrome flag to simply accept unsecured connections from localhost if you’re testing locally. Navigate to chrome://flags/ in Chrome. If you are looking for “insecure,” the option “Allow invalid localhost loading certification for resources” should be displayed. Restart your browser after you have enabled this option.
Disable Chrome Checking All SSL Certificates
By giving the following command to Chrome on launch, you can tell it to disregard all SSL certificate issues. Just right-click on the launcher and select properties when using Windows. Then add –ignore-certificate-errors in the target field. Then restart Chrome.
Summary
Browser issues are never pleasant to deal with, and diagnosing them can be challenging at times. Hopefully, one of the solutions listed above will help you quickly resolve the “your connection is not private” issue. Remember that these are usually caused by a misconfigured setting on your computer or a problem with the website’s certificate.
Is there anything we left out? Perhaps you have another suggestion for resolving the connection problem. If so, please let us know in the comments section below.