Kinsta works with thousands of different WordPress sites on a daily basis, so when information technology comes to different types of errors, we've pretty much seen information technology all. From database connectedness errors to the white screen of decease, ERR_CACHE_MISS, and browser/TLS related issues.

Some of these for the everyday WordPress user can be downright frustrating and even scary at times. Depending on the blazon of error it could too mean downtime for your website, which ways you're losing money. Or it might but be that the browser on your computer needs fixing.

Today we're going to dive into the "your connection is not private" error and walk you through some ways to get things working again. Read more below virtually what causes this error and what you can do to preclude it in the future.

What Is the Your Connectedness is Non Private Error?

The "your connection is not private" error only pertains to sites that are running over HTTPS(or should be running over HTTPS). When you visit a website, your browser sends a asking to the server where the site is hosted. The browser and then has to validate the certificate installed on the site to ensure it is upwards to current privacy standards. Other things that also have place include the TLS handshake, the certificate being checked confronting the certificate authority, and decryption of the certificate.

If the browser finds that the certificate isn't valid, it will automatically effort to prevent you from reaching the site. This characteristic is built into spider web browsers to protect the user. If the document isn't set up correctly, this ways data tin't be encrypted properly and therefore the site is unsafe to visit (peculiarly those with logins or that process payment data). Instead of loading the site, it will deliver an fault message, such every bit "your connection is non private."

Your Connection Is Non Private Error Variations

There are quite a few different variations of this error depending upon which web browser yous're using, operating system, and even the configuration of the certificate on the servers. And while some of these errors sometimes mean slightly different things, a lot of times the troubleshooting steps are the aforementioned.

Your Connection Is Not Private in Google Chrome

In Google Chrome if there is an consequence validating the document the error will prove as "your connexion is not private" (equally seen below).

Attackers might be trying to steal your information from domain.com (for case, passwords, messages, or credit cards).

Your connection is not private error in Chrome
Your connection is not private fault in Chrome

This is besides accompanied by an mistake lawmaking bulletin which helps to try and pinpoint the exact result. Below are just a couple of the virtually common error codes y'all might see in Google Chrome:

  • ERR_CERT_SYMANTEC_LEGACY
  • NET::ERR_CERT_AUTHORITY_INVALID
  • NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
  • NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
  • NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
  • Net::ERR_CERT_DATE_INVALID
  • ERR_SSL_PROTOCOL_ERROR
  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Your Connection Is Not Secure in Mozilla Firefox

In Mozilla Firefox the error bulletin varies slightly, and instead of "your connection is non private" you'll meet "your connectedness is not secure" (every bit seen below).

The owner of domain.com has configured their website improperly. To protect your data from being stolen, Firefox has not continued to this website.

This connection is not secure warning in Firefox
This connection is not secure warning in Firefox

Just similar in Chrome, information technology'southward accompanied past an error code message which helps to endeavor and pinpoint the trouble. Below are merely a couple of the most mutual error codes yous might see in Mozilla Firefox:

  • MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
  • SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
  • SEC_ERROR_EXPIRED_CERTIFICATE
  • SEC_ERROR_UNKNOWN_ISSUER
  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • ERROR_SELF_SIGNED_CERT
  • SSL_ERROR_BAD_CERT_DOMAIN

Your Connection Isn't Private in Microsoft Border

In Microsoft Edge, you lot will also see the error as "Your connection isn't private."

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

Your Connection isn't Private in Microsoft Edge
Your Connectedness isn't Individual Error in Microsoft Edge

These are too accompanied by an error lawmaking message. Beneath are just a couple of the near common error codes:

  • NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does non friction match the domain)
  • Fault Code: 0
  • DLG_FLAGS_INVALID_CA
  • DLG_FLAGS_SEC_CERT_CN_INVALID

This Connection Is Not Private in Safari

In Safari, y'all will see the fault every bit "Your connectedness is not private."

This website may be impersonating "domain.com" to steal your personal or financial data. Y'all should go back to the previous page.

Your connection is not private error in Safari
Your connectedness is not private error in Safari

How To Fix the Your Connectedness Is Not Individual Error

Sometimes you might not fifty-fifty know where to begin if you're seeing a "your connections is non private" error. From our feel, these errors typically originate from two things: the first is a client-side effect (your browser, computer, Os), and the second is that at that place is an actualproblem with the document on the website(expired, wrong domain, non trusted by the organization). So nosotros'll dive into a niggling of both.

Here are some recommendations and things to check to fix the error (sorted in order by virtually common reasons we come across):

1. Try Reloading the Folio

This might seem a little obvious to some, simply one of the easiest and get-go things yous should try when encountering a "your connectedness is not private" fault is to simply close and re-open your browser and try loading the page again. It could be that the website owner is currently reissuing their SSL certificate or something was out of whack in your browser.

2. Manually Proceed (Dangerous)

Your 2d option is to only manually proceed. However, we don't always recommend doing this unless yous fully empathise that naught will exist encrypted if you proceed. If yous're going to exist entering in login credentials or entering payment details, by all means, skip to the next steps beneath.

We but include this selection then we can explain the total ramifications of doing this. Seeing this mistake could very well mean that someone's trying to fool y'all or steal any info you send to the server and you should typically shut the site immediately. It is too possible that the website has been compromised and there is a malicious redirection. If you're in a public place, never try to bypass this screen.

Subscribe At present

If you still want to proceed, at that place is usually a "Continue to domain.com" link you can click at the bottom of the error screen. Depending on the browser this is sometimes subconscious under the "Advanced" selection. Note: If the website is using HSTS (HTTP Strict Transport Security) this option won't be bachelor as it means they accept implemented an HTTP header which never allows non-HTTPS connections.

Connection error proceed anyways
Connection error continue anyways

3. Are Yous in a Cafe or Aerodrome?

This might sound odd, but cafes ☕ and airport Wi-Fi networks tend to be i of the most popular places that users meet the "your connection is not private" error. Why? Because a lot of them are still not running everything over HTTPS, or if they are, it isn't configured correctly. This commonly pertains to the portal screen where you lot need to accept the terms and agreement to sign in. If yous're trying to connect to an HTTPS (secure) site before accepting the portal'southward terms this error could pop upwardly. Here are some like shooting fish in a barrel steps to go around it.

  1. Connect to the cafe or the airport's Wi-Fi.
  2. Browse to a non-HTTPS site, such as http://www.weather.com.
  3. The sign-in page should so open up. You lot can accept the terms and and so log in. Due to the fact that the terms are normally just consisting of a checkbox, you shouldn't exist too concerned if it isn't running over HTTPS. Once connected you tin can so browse to sites over HTTPS. Tip: If you tin can't get the sign-in folio to open, you could besides endeavour typing 1.one.1.i into your browser (source).

Remember, whenever you're using public Wi-Fi a VPN can assist protect yous even farther by hiding your traffic. Here are a couple pop ones you might want to bank check out:

  • Private Net Access
  • TunnelBear
  • NordVPN

four. Check Your Computer'south Clock

Some other very common reason that y'all might see the "your connection is non private" error is that your computer's clock is messed up. Browsers rely on these to exist correctly synced upwardly to verify the SSL certificate. This tin hands happen if you but purchased a new estimator, specially laptops on Wi-Fi for the first time. They don't ever sync up automatically after your first login. Below are the steps to update the time on your reckoner. Note: This can also happen on mobile devices.

Windows

  1. Right-click the time in the bottom correct-hand chore tray.
  2. Select "Suit date/time."
    Adjust date and time on PC
    Suit date and time in Windows
  3. Select "Set time automatically" and optionally "Set up time zone automatically." This volition update according to 1 of Microsoft's NTP servers. Double check the time in the bottom right-hand task tray to brand sure it'due south correct. If non, you lot tin click on the "Change" push to manually select a time zone.
    Windows time zone
    Windows time zone
  4. Shut your browser and re-open it. Then try revisiting the website.

Mac

  1. From the Apple menu click on "System Preferences"
  2. Click the Appointment & Time icon. If the padlock appears at the lesser of the window you might need to click it and enter your administrator username and password.
  3. Select "Set appointment & time automatically." This will update according to ane of Apple's NTP servers.
  4. Select the Time Zone tab. If information technology doesn't determine your location automatically simply uncheck information technology so y'all can manually set it. On the map select your fourth dimension zone region and city.
  5. Close your browser and re-open it. Then revisiting the website.

5. Try in Incognito Fashion

Our next recommendation would usually be to clear your browser's enshroud. However, that's easier said than washed for a lot of us. 😉 If you want to check if it might be your browser cache, without clearing your cache, y'all tin ever open up your browser in incognito mode. Or test another browser and see if you all the same see the "your connection is not private" fault. Don't rule out Chrome extensions either. But this will assist you test that.

Open Chrome in Incognito mode
Open Chrome in Incognito mode

In Mozilla Firefox Incognito mode is referred to as "New private window." In Microsoft Edge, it's referred to every bit "New InPrivate Window."

6. Clear Browser Cache and Cookies

If yous think it might be your browser, clearing your browser cache is always a practiced troubleshooting step before diving into more in-depth troubleshooting. Below are instructions on how to practice it in the various browsers:

  • How to Strength Refresh a Single Page for All Browsers
  • How to Clear Browser Cache for Google Chrome
  • How to Clear Browser Cache for Mozilla Firefox
  • How to Clear Browser Enshroud for Safari
  • How to Clear Browser Cache for Internet Explorer
  • How to Articulate Browser Enshroud for Microsoft Edge
  • How to Clear Browser Cache for Opera

Check Out Out Video Guide to Immigration Browser Enshroud

7. Try Immigration the SSL Land on Your Figurer

Clearing the SSL state in Chrome is frequently overlooked but can come in very handy and is piece of cake to try. Just similar clearing your browser'southward cache this tin assistance if things get out of sync. To clear the SSL state in Chrome on Windows, follow these steps:

  1. Click the Google Chrome – Settings icon (Settings) icon, and and then click Settings.
  2. Click Prove avant-garde settings.
  3. Under Network, click Change proxy settings. The Internet Properties dialog box appears.
  4. Click the Content tab.
  5. Click "Clear SSL state", and then click OK.
  6. Restart Chrome.
Clear SSL state
Clear SSL country

If y'all are on a Mac, see these instructions on how to delete an SSL certificate.

8. Change DNS Servers

The next thing you can endeavour is changing your DNS servers. We've actually seen the "your connexion is not private" mistake happen before when using Google's Public DNS (8.8.8.8 and viii.eight.four.4) or Cloudflare's DNS (1.1.1.1 and i.0.0.1). Removing this and defaulting back to your Internet access provider'southward DNS servers tin sometimes fix DNS errors. Google and Cloudflare aren't perfect 100% of the time and nosotros've issues occur at present and then.

To do this on Windows, go to your network connection backdrop and make sure "Obtain DNS server address automatically" is selected. If you've added Google'southward Public DNS or Cloudflare's DNS to your router, you might likewise take to remove it from there.

Obtain DNS server address automatically
Obtain DNS server address automatically

9. Disable VPN and Antivirus Temporarily

Sometimes VPNs and Antivirus software can disharmonize or override your network settings, including blocking certain SSL certificates or connections. If you take any running, endeavour temporarily disabling them (closing them) or turning off their "SSL Scan" characteristic to see if it resolves the "your connection is non individual" error in Chrome.

ten. Make Sure the Certificate Hasn't Expired

SSL certificates expiring without the website owner's noesis happens all the time. In fact, a lot more you might think. Even to Fortune 500 companies! We were able to find this tweet below inside a matter of a few seconds. No big deal, just Huntington Bank forgetting to renew their SSL certificate. 😨

Typically this happens due to the following reasons:

  • The website possessor doesn't have auto-renew enabled with the domain registrar or SSL certificate provider.
  • Motorcar-renew is enabled but payment fails because the user has forgotten to update their payment method. Users typically change credits cards more frequently than they admission their domain registrar'due south dashboard throughout the year.
  • The website owner uses a gratis Let'southward Encrypt certificate which expires every ninety days and they don't have a script in place to renew it, or they forget. At Kinsta, we've automated this process and so yous never take to worry about your free SSL certificates expiring.

This results in an accompanying error code: NET::ERR_CERT_DATE_INVALID.

NET::ERR_CERT_DATE_INVALID
NET::ERR_CERT_DATE_INVALID

Yous can hands check a certificate's expiration engagement by opening up Chrome DevTools while y'all're on the site. Click on the security tab and click on "View certificate." The "Valid from" dates volition show in the certificate information.

Check SSL expiration
Bank check SSL expiration

Another quick and piece of cake fashion to access a site'due south SSL certificate information in Chrome is to click on the padlock in the accost bar. So click on "Document."

Certificate info
Certificate info

xi. Check Subject area Culling Domain

Each certificate has what they call the Subject area Alternative Proper name. This includes all the domain name variations for which the certificate is issued to and valid for. It's important to note that https://domain.com and https://www.domain.com are treated as 2 split domains (merely like a subdomain).

Subject alternative name
Subject alternative name

If you're seeing an accompanying fault code such equally SSL_ERROR_BAD_CERT_DOMAIN, it could be that a certificate is not registered properly on both variations of the domain. This is less common nowadays as sites usually have HTTPS redirects in place. At Kinsta yous can generate your gratuitous HTTPS certificate for both www and non-world wide web.

Generate an SSL certificate for your multisite in MyKinsta.
Generate an SSL document for your multisite in MyKinsta.

This could also happen if you simply changed domain names. For case, perhaps you just acquired that shiny new .com address and moved from your old domain. If y'all forget to install an SSL certificate on your new domain, and then a NET::ERR_CERT_COMMON_NAME_INVALID error will most probable occur.

12. Is the Document SHA-i?

SHA-1 is a cryptographic hash algorithm once commonly used by SSL certificates on the web. SHA-1 though has shown signs of weaknesses and therefore is no longer supported in any current browser. If a website is still using a certificate with this erstwhile algorithm the "your connectedness is non private" error will announced.

  • Google Chrome removed support for SHA-i in Chrome 56 (Jan 2017)
  • Mozilla Firefox announced deprecation of SHA-one in Firefox 51 (February 2017)
  • Microsoft announced blocking SHA-1 signed TLS certificates (January 2017)

Most certificates now employ SHA-256 hash algorithms. This can be found under the "Details" tab when inspecting a certificate on a website.

Certificate hash algorithm
Certificate hash algorithm

13. Is the Certificate Issued past Symantec?

Back in Jan 2017, the public was made aware of some bad practices on Symantec's office when it comes to how they issued certificates. Essentially they didn't comply with the manufacture standard CA/browser forum baseline requirements. It too turned out that they had been aware of this for some fourth dimension. Because of this, browsers decided to no longer support certificates issued past Symantec.  If a website is even so using a certificate issued by them the "your connexion is non private" mistake might appear.

The timeline for this is notwithstanding rolling out:

  • Google Chrome Symantec timeline
  • Mozilla Firefox Symantec timeline
  • Microsoft will most likely be following suit, although they oasis't made an official statement however.

Using a Symantec certificate can result in the accompanying fault lawmaking: Cyberspace::ERR_CERT_SYMANTEC_LEGACY.

ERR_CERT_SYMANTEC_LEGACY
Internet::ERR_CERT_SYMANTEC_LEGACY

14. Run an SSL Server Test

If you're not certain if everything is ready correctly on your website or someone else's, yous tin can always run an SSL server test. SSL/TLS certificates require not merely your main certificate merely also what they telephone call intermediate certificates (chain) to likewise be installed. If you don't have these set upwards properly, visitors could become a alert in their browsers, which in turn might drive them abroad. And depending on the browser and version, you lot may or may non see this warning if your certificate is setup incorrectly.

We recommend using the gratis SSL bank check tool from Qualys SSL Labs. It's very reliable and we employ it for all Kinsta clients when verifying certificates. Simply caput over to their SSL check tool, input your domain into the Hostname field and click on "Submit." Yous tin also select the pick to hibernate public results if y'all prefer. The browse might have a minute or two just it volition bear witness you all the fine details regarding a site'south SSL/TLS configuration.

ssl check a grade
Qualys SSL Labs

Cheque out our in-depth tutorial on a couple things to cheque for when running an SSL exam.

Nosotros've taken our knowledge of effective website management at scale, and turned information technology into an ebook and video course. Click here to download The 2022 Guide to Managing 60+ WordPress Sites!

15. Update Your Operating System

Older operating systems fall out of engagement with newer technologies such equally TLS ane.three and the latest cipher suites every bit browsers stop supporting them. Specific components in the latest SSL certs will simply cease working. Google Chrome, in fact, pulled the plug on Windows XP back in 2015. We always recommend upgrading to newer operating systems if possible, such as Windows 10 or the latest version of Mac Os X.

Make certain your device is up-to-date on Windows, Mac, or another operating organisation.

16. Restart Your Computer

We know information technology'south annoying, but it has to be mentioned. ðŸ˜¬ If none of the above options work, trying restarting your figurer and even your router. We realize many of you probably have hundreds of tabs or applications open and that's why we made this one of the last options. But rebooting devices actually clears out a lot of temporary enshroud and hiccups.

17. Reach out For Assistance

Nonetheless seeing the "your connectedness is not private" fault? Don't be afraid to achieve out and ask for assist. If yous see this on your own WordPress site, feel free to open a ticket with our Kinsta support team. We can help you make up one's mind why this might be happening and if it is indeed an upshot on your website itself.

The Google Chrome Help Forums tin can likewise be peculiarly helpful! You lot tin guarantee at that place are users that have already experienced the same error or bug, and are ready to help.

xviii. Disable Chrome Checking SSL Certificates

You can also disable Chrome checking SSL certificates. Still, we can't stress plenty, this is only meant for testing and development purposes. Don't ever use the following options unless you lot know exactly what you're doing.

Allow Invalid Certificates From localhost

If you're testing locally, you might exist able to use the Chrome flag to just allow insecure connections from localhost. In Chrome, scan to:chrome://flags/. Search for "insecure" and you lot should run into the option to "Allow invalid certificates for resource loaded from localhost." Enable that option and restart your browser.

Allow insecure connections on localhost in Chrome
Allow insecure connections on localhost in Chrome

Disable Chrome Checking All SSL Certificates

You lot can tell Chrome to ignore all SSL document errors by passing the following at the command line at launch. If yous're on Windows simply right-click into the properties of the launcher. Then add together --ignore-document-errors in the target field. Then restart Chrome.

Chrome ignore certificate errors
Chrome ignore certificate errors

Summary

Browser errors are never fun and can sometimes exist difficult to troubleshoot. Hopefully 1 of the tips above will help you lot resolve the "your connexion is non individual" error equally quickly as possible. Remember, these are typically caused past something misconfigured on your own computer or with the document on the website itself.

Was in that location anything we missed? Maybe you take another tip on troubleshooting the connectedness error. If so, permit united states know below in the comments.

Save time, costs and maximize site performance with:

  • Instant aid from WordPress hosting experts, 24/7.
  • Cloudflare Enterprise integration.
  • Global audience achieve with 32 information centers worldwide.
  • Optimization with our congenital-in Application Performance Monitoring.

All of that and much more, in one program with no long-term contracts, assisted migrations, and a thirty-solar day-money-back-guarantee. Cheque out our plans or talk to sales to find the plan that's correct for you.