Kinsta works with thousands of unlike WordPress sites on a daily basis, so when it comes to dissimilar types of errors, we've pretty much seen it all. From database connectedness errors to the white screen of death, ERR_CACHE_MISS, and browser/TLS related problems.

Some of these for the everyday WordPress user tin can be downright frustrating and even scary at times. Depending on the type of error it could also mean downtime for your website, which means you're losing coin. Or information technology might only be that the browser on your estimator needs fixing.

Today we're going to dive into the "your connection is not private" error and walk you through some means to get things working over again. Read more below about what causes this fault and what you can practise to forestall information technology in the future.

What Is the Your Connexion is Not Private Error?

The "your connection is not private" error only pertains to sites that are running over HTTPS(or should be running over HTTPS). When y'all visit a website, your browser sends a request to the server where the site is hosted. The browser then has to validate the document installed on the site to ensure information technology is up to current privacy standards. Other things that also take identify include the TLS handshake, the document being checked against the certificate dominance, and decryption of the certificate.

If the browser finds that the certificate isn't valid, it will automatically endeavour to prevent you lot from reaching the site. This feature is built into web browsers to protect the user. If the certificate isn't fix correctly, this ways data can't be encrypted properly and therefore the site is dangerous to visit (especially those with logins or that procedure payment data). Instead of loading the site, it volition deliver an error bulletin, such as "your connection is not private."

Your Connexion Is Non Private Error Variations

At that place are quite a few different variations of this error depending upon which web browser you're using, operating system, and fifty-fifty the configuration of the certificate on the servers. And while some of these errors sometimes mean slightly dissimilar things, a lot of times the troubleshooting steps are the same.

Your Connection Is Not Private in Google Chrome

In Google Chrome if in that location is an issue validating the document the fault will prove equally "your connexion is not private" (as seen beneath).

Attackers might be trying to steal your data from domain.com (for example, passwords, letters, or credit cards).

Your connection is not private error in Chrome
Your connection is non private error in Chrome

This is also accompanied by an error code bulletin which helps to try and pinpoint the exact issue. Below are just a couple of the most common error codes you might see in Google Chrome:

  • ERR_CERT_SYMANTEC_LEGACY
  • NET::ERR_CERT_AUTHORITY_INVALID
  • Cyberspace::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not friction match the domain)
  • NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
  • Net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
  • Net::ERR_CERT_DATE_INVALID
  • ERR_SSL_PROTOCOL_ERROR
  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Your Connection Is Not Secure in Mozilla Firefox

In Mozilla Firefox the error message varies slightly, and instead of "your connection is not individual" y'all'll meet "your connection is non secure" (as seen below).

The possessor of domain.com has configured their website improperly. To protect your information from beingness stolen, Firefox has not continued to this website.

This connection is not secure warning in Firefox
This connexion is not secure warning in Firefox

Just like in Chrome, information technology's accompanied by an error code message which helps to try and pinpoint the problem. Below are simply a couple of the most mutual mistake codes y'all might run into in Mozilla Firefox:

  • MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
  • SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
  • SEC_ERROR_EXPIRED_CERTIFICATE
  • SEC_ERROR_UNKNOWN_ISSUER
  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • ERROR_SELF_SIGNED_CERT
  • SSL_ERROR_BAD_CERT_DOMAIN

Your Connection Isn't Individual in Microsoft Edge

In Microsoft Border, you will as well see the error as "Your connection isn't individual."

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

Your Connection isn't Private in Microsoft Edge
Your Connexion isn't Individual Mistake in Microsoft Border

These are as well accompanied by an error code message. Below are merely a couple of the most common fault codes:

  • Cyberspace::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does non match the domain)
  • Error Lawmaking: 0
  • DLG_FLAGS_INVALID_CA
  • DLG_FLAGS_SEC_CERT_CN_INVALID

This Connection Is Not Private in Safari

In Safari, yous will run across the error as "Your connection is non private."

This website may be impersonating "domain.com" to steal your personal or financial data. Yous should get back to the previous page.

Your connection is not private error in Safari
Your connexion is not private error in Safari

How To Fix the Your Connexion Is Not Individual Error

Sometimes you might not fifty-fifty know where to begin if y'all're seeing a "your connections is not individual" error. From our experience, these errors typically originate from two things: the kickoff is a client-side issue (your browser, computer, OS), and the second is that there is an bodilyproblem with the certificate on the website(expired, wrong domain, not trusted past the organization). So we'll swoop into a niggling of both.

Here are some recommendations and things to check to prepare the error (sorted in society past most mutual reasons we see):

1. Try Reloading the Page

This might seem a lilliputian obvious to some, but 1 of the easiest and showtime things you should endeavour when encountering a "your connexion is not private" error is to merely close and re-open your browser and try loading the page again. It could exist that the website owner is currently reissuing their SSL certificate or something was out of whack in your browser.

2. Manually Proceed (Dangerous)

Your 2d option is to just manually proceed. Nevertheless, nosotros don't ever recommend doing this unless you fully empathize that zip volition be encrypted if you proceed. If you're going to be entering in login credentials or entering payment details, by all ways, skip to the next steps beneath.

Subscribe Now

We simply include this selection so we can explicate the total ramifications of doing this. Seeing this mistake could very well mean that someone's trying to fool yous or steal any info you send to the server and y'all should typically close the site immediately. It is also possible that the website has been compromised and at that place is a malicious redirection. If you lot're in a public place, never attempt to bypass this screen.

If you still want to proceed, in that location is usually a "Proceed to domain.com" link you can click at the lesser of the error screen. Depending on the browser this is sometimes hidden under the "Avant-garde" option. Note: If the website is using HSTS (HTTP Strict Send Security) this option won't be available as it means they have implemented an HTTP header which never allows non-HTTPS connections.

Connection error proceed anyways
Connection error proceed anyways

iii. Are Y'all in a Cafe or Airport?

This might sound odd, but cafes ☕ and airdrome Wi-Fi networks tend to be i of the most popular places that users run into the "your connection is not private" mistake. Why? Because a lot of them are still not running everything over HTTPS, or if they are, it isn't configured correctly. This usually pertains to the portal screen where you lot need to accept the terms and agreement to sign in. If you're trying to connect to an HTTPS (secure) site earlier accepting the portal's terms this error could pop upwards. Here are some easy steps to get around it.

  1. Connect to the buffet or the airport's Wi-Fi.
  2. Scan to a non-HTTPS site, such as http://www.weather.com.
  3. The sign-in page should so open. You lot can accept the terms and so log in. Due to the fact that the terms are usually only consisting of a checkbox, you shouldn't be too concerned if it isn't running over HTTPS. Once connected you tin can then scan to sites over HTTPS. Tip: If you can't get the sign-in page to open, y'all could also try typing 1.1.1.1 into your browser (source).

Think, whenever you lot're using public Wi-Fi a VPN can assist protect you even further by hiding your traffic. Here are a couple pop ones you might want to check out:

  • Private Internet Access
  • TunnelBear
  • NordVPN

iv. Bank check Your Computer's Clock

Another very common reason that y'all might run across the "your connection is not private" error is that your computer's clock is messed upwards. Browsers rely on these to be correctly synced up to verify the SSL certificate. This can easily happen if you just purchased a new computer, especially laptops on Wi-Fi for the start time. They don't e'er sync up automatically afterward your first login. Below are the steps to update the time on your computer. Notation: This can besides happen on mobile devices.

Windows

  1. Correct-click the fourth dimension in the bottom right-hand chore tray.
  2. Select "Conform engagement/time."
    Adjust date and time on PC
    Suit date and time in Windows
  3. Select "Set time automatically" and optionally "Ready time zone automatically." This will update according to one of Microsoft'southward NTP servers. Double check the time in the bottom right-manus task tray to make certain it'due south correct. If not, you tin can click on the "Change" button to manually select a time zone.
    Windows time zone
    Windows time zone
  4. Close your browser and re-open it. And then try revisiting the website.

Mac

  1. From the Apple menu click on "Arrangement Preferences"
  2. Click the Appointment & Time icon. If the padlock appears at the bottom of the window you might need to click information technology and enter your administrator username and countersign.
  3. Select "Set appointment & time automatically." This will update according to one of Apple tree's NTP servers.
  4. Select the Time Zone tab. If it doesn't determine your location automatically but uncheck information technology so y'all tin manually ready it. On the map select your time zone region and urban center.
  5. Close your browser and re-open it. So revisiting the website.

5. Try in Incognito Way

Our next recommendation would usually exist to clear your browser's enshroud. However, that's easier said than done for a lot of u.s.a.. 😉 If you desire to check if it might be your browser cache, without clearing your cache, you can ever open up upward your browser in incognito manner. Or test another browser and run across if you withal meet the "your connection is not individual" error. Don't dominion out Chrome extensions either. But this will help you examination that.

Open Chrome in Incognito mode
Open Chrome in Incognito mode

In Mozilla Firefox Incognito mode is referred to as "New private window." In Microsoft Edge, it'southward referred to as "New InPrivate Window."

vi. Clear Browser Cache and Cookies

If you lot think it might be your browser, clearing your browser enshroud is always a good troubleshooting pace before diving into more in-depth troubleshooting. Below are instructions on how to practise it in the various browsers:

  • How to Forcefulness Refresh a Single Page for All Browsers
  • How to Clear Browser Enshroud for Google Chrome
  • How to Clear Browser Cache for Mozilla Firefox
  • How to Clear Browser Enshroud for Safari
  • How to Clear Browser Cache for Internet Explorer
  • How to Clear Browser Cache for Microsoft Edge
  • How to Clear Browser Cache for Opera

7. Try Clearing the SSL State on Your Computer

Immigration the SSL state in Chrome is often overlooked but tin come in very handy and is piece of cake to try. Just like clearing your browser's cache this tin help if things become out of sync. To clear the SSL country in Chrome on Windows, follow these steps:

  1. Click the Google Chrome – Settings icon (Settings) icon, and and then click Settings.
  2. Click Bear witness advanced settings.
  3. Under Network, click Change proxy settings. The Internet Properties dialog box appears.
  4. Click the Content tab.
  5. Click "Clear SSL state", and then click OK.
  6. Restart Chrome.
Clear SSL state
Clear SSL state

If you are on a Mac, see these instructions on how to delete an SSL certificate.

8. Change DNS Servers

The adjacent affair y'all can try is changing your DNS servers. Nosotros've actually seen the "your connection is not private" error happen before when using Google's Public DNS (viii.8.viii.8 and 8.viii.4.four) or Cloudflare's DNS (i.ane.1.ane and one.0.0.one). Removing this and defaulting back to your ISP'southward DNS servers can sometimes gear up DNS errors. Google and Cloudflare aren't perfect 100% of the time and we've bug occur now and so.

To do this on Windows, get to your network connectedness properties and make certain "Obtain DNS server accost automatically" is selected. If you've added Google'south Public DNS or Cloudflare'due south DNS to your router, you lot might besides have to remove it from there.

Obtain DNS server address automatically
Obtain DNS server address automatically

9. Disable VPN and Antivirus Temporarily

Sometimes VPNs and Antivirus software tin can conflict or override your network settings, including blocking certain SSL certificates or connections. If you lot accept any running, try temporarily disabling them (closing them) or turning off their "SSL Scan" feature to see if information technology resolves the "your connection is not individual" mistake in Chrome.

10. Brand Certain the Certificate Hasn't Expired

SSL certificates expiring without the website owner's noesis happens all the fourth dimension. In fact, a lot more than you might recollect. Fifty-fifty to Fortune 500 companies! We were able to find this tweet beneath inside a thing of a few seconds. No large deal, merely Huntington Bank forgetting to renew their SSL certificate. 😨

Typically this happens due to the following reasons:

  • The website possessor doesn't take auto-renew enabled with the domain registrar or SSL certificate provider.
  • Auto-renew is enabled merely payment fails considering the user has forgotten to update their payment method. Users typically change credits cards more than ofttimes than they access their domain registrar'southward dashboard throughout the twelvemonth.
  • The website owner uses a free Allow's Encrypt certificate which expires every ninety days and they don't accept a script in place to renew information technology, or they forget. At Kinsta, nosotros've automated this process so yous never have to worry well-nigh your free SSL certificates expiring.

This results in an accompanying error lawmaking: Internet::ERR_CERT_DATE_INVALID.

NET::ERR_CERT_DATE_INVALID
Cyberspace::ERR_CERT_DATE_INVALID

You can easily bank check a certificate's expiration date by opening upwards Chrome DevTools while you're on the site. Click on the security tab and click on "View certificate." The "Valid from" dates will show in the certificate data.

Check SSL expiration
Check SSL expiration

Another quick and easy way to access a site'southward SSL certificate information in Chrome is to click on the padlock in the address bar. Then click on "Certificate."

Certificate info
Certificate info

eleven. Check Subject Culling Domain

Each certificate has what they phone call the Subject Alternative Name. This includes all the domain name variations for which the certificate is issued to and valid for. It'south of import to note that https://domain.com and https://www.domain.com are treated every bit two separate domains (only like a subdomain).

Subject alternative name
Bailiwick alternative proper name

If you're seeing an accompanying error lawmaking such every bit SSL_ERROR_BAD_CERT_DOMAIN, information technology could be that a document is non registered properly on both variations of the domain. This is less common present as sites usually have HTTPS redirects in place. At Kinsta you tin can generate your free HTTPS certificate for both www and non-world wide web.

Generate an SSL certificate for your multisite in MyKinsta.
Generate an SSL certificate for your multisite in MyKinsta.

This could also happen if yous but changed domain names. For example, perchance y'all just caused that shiny new .com accost and moved from your former domain. If you forget to install an SSL certificate on your new domain, then a NET::ERR_CERT_COMMON_NAME_INVALID error volition nigh likely occur.

12. Is the Certificate SHA-1?

SHA-one is a cryptographic hash algorithm in one case normally used past SSL certificates on the spider web. SHA-1 though has shown signs of weaknesses and therefore is no longer supported in any current browser. If a website is notwithstanding using a certificate with this former algorithm the "your connection is not private" error volition announced.

  • Google Chrome removed support for SHA-ane in Chrome 56 (January 2017)
  • Mozilla Firefox announced deprecation of SHA-1 in Firefox 51 (February 2017)
  • Microsoft announced blocking SHA-i signed TLS certificates (January 2017)

Most certificates now use SHA-256 hash algorithms. This tin exist constitute nether the "Details" tab when inspecting a certificate on a website.

Certificate hash algorithm
Certificate hash algorithm

thirteen. Is the Certificate Issued by Symantec?

Dorsum in January 2017, the public was made aware of some bad practices on Symantec'southward role when it comes to how they issued certificates. Essentially they didn't comply with the industry standard CA/browser forum baseline requirements. It also turned out that they had been aware of this for some time. Because of this, browsers decided to no longer support certificates issued by Symantec.  If a website is nonetheless using a certificate issued past them the "your connection is not individual" error might appear.

The timeline for this is still rolling out:

  • Google Chrome Symantec timeline
  • Mozilla Firefox Symantec timeline
  • Microsoft will almost likely be post-obit suit, although they haven't made an official statement yet.

Using a Symantec certificate tin can event in the accompanying error code: Internet::ERR_CERT_SYMANTEC_LEGACY.

ERR_CERT_SYMANTEC_LEGACY
Internet::ERR_CERT_SYMANTEC_LEGACY

14. Run an SSL Server Exam

If y'all're non sure if everything is ready up correctly on your website or someone else's, you can e'er run an SSL server examination. SSL/TLS certificates require not but your main certificate only also what they telephone call intermediate certificates (chain) to also exist installed. If you don't take these set up properly, visitors could get a alert in their browsers, which in turn might bulldoze them away. And depending on the browser and version, you may or may not see this alarm if your certificate is setup incorrectly.

We recommend using the free SSL check tool from Qualys SSL Labs. It'due south very reliable and we employ it for all Kinsta clients when verifying certificates. Simply head over to their SSL check tool, input your domain into the Hostname field and click on "Submit." Yous can too select the option to hibernate public results if you prefer. The scan might take a minute or ii but it volition show you all the fine details regarding a site's SSL/TLS configuration.

ssl check a grade
Qualys SSL Labs

Check out our in-depth tutorial on a couple things to check for when running an SSL exam.

We've taken our knowledge of constructive website management at calibration, and turned it into an ebook and video course. Click here to download The 2022 Guide to Managing 60+ WordPress Sites!

15. Update Your Operating Organization

Older operating systems fall out of appointment with newer technologies such as TLS ane.iii and the latest cipher suites equally browsers stop supporting them. Specific components in the latest SSL certs will only stop working. Google Chrome, in fact, pulled the plug on Windows XP dorsum in 2015. We always recommend upgrading to newer operating systems if possible, such equally Windows 10 or the latest version of Mac Bone X.

Make certain your device is up-to-date on Windows, Mac, or another operating system.

16. Restart Your Computer

We know it'due south abrasive, but it has to be mentioned. ðŸ˜¬ If none of the above options work, trying restarting your calculator and even your router. We realize many of you probably have hundreds of tabs or applications open and that'southward why we fabricated this 1 of the last options. Merely rebooting devices actually clears out a lot of temporary cache and hiccups.

17. Reach out For Help

Still seeing the "your connection is not private" error? Don't be afraid to achieve out and enquire for help. If y'all run across this on your own WordPress site, feel free to open up a ticket with our Kinsta support team. Nosotros can help y'all determine why this might be happening and if it is indeed an result on your website itself.

The Google Chrome Aid Forums tin as well be peculiarly helpful! You lot tin can guarantee in that location are users that have already experienced the same mistake or bug, and are ready to aid.

18. Disable Chrome Checking SSL Certificates

You can likewise disable Chrome checking SSL certificates. However, we can't stress enough, this is only meant for testing and evolution purposes. Don't ever use the following options unless you know exactly what you're doing.

Allow Invalid Certificates From localhost

If you're testing locally, y'all might be able to employ the Chrome flag to simply let insecure connections from localhost. In Chrome, browse to:chrome://flags/. Search for "insecure" and you should see the option to "Allow invalid certificates for resources loaded from localhost." Enable that selection and restart your browser.

Allow insecure connections on localhost in Chrome
Permit insecure connections on localhost in Chrome

Disable Chrome Checking All SSL Certificates

You can tell Chrome to ignore all SSL document errors by passing the following at the command line at launch. If you're on Windows simply right-click into the properties of the launcher. Then add together --ignore-certificate-errors in the target field. So restart Chrome.

Chrome ignore certificate errors
Chrome ignore document errors

Summary

Browser errors are never fun and can sometimes be difficult to troubleshoot. Hopefully i of the tips above will help you resolve the "your connectedness is not individual" fault equally rapidly equally possible. Recall, these are typically caused by something misconfigured on your own calculator or with the certificate on the website itself.

Was there anything we missed? Perhaps you lot take another tip on troubleshooting the connection error. If and then, let united states of america know below in the comments.

Save time, costs and maximize site operation with:

  • Instant assist from WordPress hosting experts, 24/vii.
  • Cloudflare Enterprise integration.
  • Global audition reach with 29 data centers worldwide.
  • Optimization with our built-in Awarding Performance Monitoring.

All of that and much more, in one plan with no long-term contracts, assisted migrations, and a thirty-day-money-dorsum-guarantee. Check out our plans or talk to sales to find the program that's right for you.