Kinsta works with thousands of different WordPress sites on a daily basis, and then when it comes to different types of errors, we've pretty much seen it all. From database connection errors to the white screen of expiry, ERR_CACHE_MISS, and browser/TLS related issues.

Some of these for the everyday WordPress user tin be downright frustrating and even scary at times. Depending on the type of mistake information technology could also hateful downtime for your website, which means you're losing money. Or information technology might just exist that the browser on your calculator needs fixing.

Today we're going to dive into the "your connection is non private" fault and walk you through some ways to get things working again. Read more than beneath nearly what causes this error and what yous can practise to prevent it in the future.

What Is the Your Connection is Not Private Error?

The "your connection is non private" mistake merely pertains to sites that are running over HTTPS(or should be running over HTTPS). When you lot visit a website, your browser sends a asking to the server where the site is hosted. The browser and then has to validate the document installed on the site to ensure information technology is up to current privacy standards. Other things that besides accept place include the TLS handshake, the document beingness checked against the certificate authority, and decryption of the certificate.

If the browser finds that the certificate isn't valid, it will automatically effort to forestall you lot from reaching the site. This feature is built into web browsers to protect the user. If the certificate isn't prepare correctly, this means data can't be encrypted properly and therefore the site is dangerous to visit (especially those with logins or that procedure payment information). Instead of loading the site, it will evangelize an error message, such as "your connection is not individual."

Your Connection Is Not Private Error Variations

At that place are quite a few unlike variations of this error depending upon which web browser you lot're using, operating system, and even the configuration of the document on the servers. And while some of these errors sometimes mean slightly different things, a lot of times the troubleshooting steps are the same.

Your Connection Is Not Individual in Google Chrome

In Google Chrome if there is an issue validating the certificate the error will show as "your connection is non private" (every bit seen below).

Attackers might be trying to steal your data from domain.com (for instance, passwords, messages, or credit cards).

Your connection is not private error in Chrome
Your connection is not private error in Chrome

This is also accompanied past an fault lawmaking message which helps to attempt and pinpoint the exact issue. Below are just a couple of the most mutual error codes yous might see in Google Chrome:

  • ERR_CERT_SYMANTEC_LEGACY
  • Net::ERR_CERT_AUTHORITY_INVALID
  • NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does non lucifer the domain)
  • NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
  • NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
  • Net::ERR_CERT_DATE_INVALID
  • ERR_SSL_PROTOCOL_ERROR
  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Your Connection Is Non Secure in Mozilla Firefox

In Mozilla Firefox the mistake bulletin varies slightly, and instead of "your connection is non private" you'll see "your connectedness is not secure" (as seen below).

The owner of domain.com has configured their website improperly. To protect your data from being stolen, Firefox has not connected to this website.

This connection is not secure warning in Firefox
This connection is not secure warning in Firefox

Just like in Chrome, it's accompanied past an error code message which helps to try and pinpoint the problem. Below are just a couple of the most common error codes you might run across in Mozilla Firefox:

  • MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
  • SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
  • SEC_ERROR_EXPIRED_CERTIFICATE
  • SEC_ERROR_UNKNOWN_ISSUER
  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • ERROR_SELF_SIGNED_CERT
  • SSL_ERROR_BAD_CERT_DOMAIN

Your Connection Isn't Private in Microsoft Border

In Microsoft Edge, you will too encounter the mistake as "Your connection isn't individual."

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

Your Connection isn't Private in Microsoft Edge
Your Connection isn't Private Error in Microsoft Edge

These are also accompanied by an error code message. Below are just a couple of the almost mutual error codes:

  • Net::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does non lucifer the domain)
  • Error Code: 0
  • DLG_FLAGS_INVALID_CA
  • DLG_FLAGS_SEC_CERT_CN_INVALID

This Connectedness Is Not Private in Safari

In Safari, yous will see the mistake as "Your connection is non private."

This website may be impersonating "domain.com" to steal your personal or fiscal information. You should go dorsum to the previous page.

Your connection is not private error in Safari
Your connection is non private error in Safari

How To Set the Your Connection Is Not Private Error

Sometimes yous might not even know where to begin if you're seeing a "your connections is non private" error. From our experience, these errors typically originate from two things: the starting time is a client-side consequence (your browser, estimator, Os), and the second is that there is an actualproblem with the document on the website(expired, wrong domain, not trusted by the arrangement). So we'll dive into a little of both.

Here are some recommendations and things to cheque to fix the error (sorted in order by most mutual reasons we meet):

ane. Effort Reloading the Page

This might seem a little obvious to some, but 1 of the easiest and showtime things you should try when encountering a "your connection is not private" error is to simply close and re-open your browser and try loading the folio again. It could be that the website owner is currently reissuing their SSL certificate or something was out of whack in your browser.

2. Manually Go on (Unsafe)

Your 2nd selection is to simply manually proceed. However, we don't ever recommend doing this unless you lot fully sympathize that nix volition exist encrypted if you proceed. If you're going to be entering in login credentials or entering payment details, by all means, skip to the next steps beneath.

Subscribe At present

Nosotros just include this pick and so we tin can explain the full ramifications of doing this. Seeing this error could very well hateful that someone's trying to fool you or steal any info yous ship to the server and y'all should typically close the site immediately. Information technology is also possible that the website has been compromised and there is a malicious redirection. If you're in a public place, never endeavor to featherbed this screen.

If you still want to go along, there is commonly a "Proceed to domain.com" link you lot can click at the bottom of the error screen. Depending on the browser this is sometimes hidden under the "Advanced" option. Note: If the website is using HSTS (HTTP Strict Ship Security) this option won't exist bachelor as it ways they have implemented an HTTP header which never allows non-HTTPS connections.

Connection error proceed anyways
Connection error proceed anyways

3. Are You in a Buffet or Airport?

This might audio odd, only cafes ☕ and drome Wi-Fi networks tend to be one of the almost popular places that users see the "your connection is not private" error. Why? Because a lot of them are still not running everything over HTTPS, or if they are, it isn't configured correctly. This normally pertains to the portal screen where you need to accept the terms and agreement to sign in. If yous're trying to connect to an HTTPS (secure) site earlier accepting the portal's terms this error could popular up. Here are some like shooting fish in a barrel steps to become around information technology.

  1. Connect to the cafe or the airport's Wi-Fi.
  2. Browse to a non-HTTPS site, such every bit http://world wide web.atmospheric condition.com.
  3. The sign-in folio should then open up. Y'all can accept the terms and then log in. Due to the fact that the terms are usually simply consisting of a checkbox, yous shouldn't be too concerned if information technology isn't running over HTTPS. Once connected you tin then browse to sites over HTTPS. Tip: If y'all can't become the sign-in folio to open, you could also try typing 1.1.1.1 into your browser (source).

Recall, whenever you're using public Wi-Fi a VPN can help protect yous even further by hiding your traffic. Here are a couple popular ones you might want to check out:

  • Private Cyberspace Access
  • TunnelBear
  • NordVPN

4. Bank check Your Figurer's Clock

Another very common reason that you might see the "your connection is not individual" fault is that your figurer'south clock is messed up. Browsers rely on these to be correctly synced upwardly to verify the SSL certificate. This can hands happen if you lot just purchased a new estimator, especially laptops on Wi-Fi for the first time. They don't always sync upward automatically later your start login. Below are the steps to update the time on your estimator. Note: This can too happen on mobile devices.

Windows

  1. Correct-click the time in the bottom correct-hand task tray.
  2. Select "Conform appointment/time."
    Adjust date and time on PC
    Adjust appointment and time in Windows
  3. Select "Set time automatically" and optionally "Set time zone automatically." This will update co-ordinate to 1 of Microsoft's NTP servers. Double check the fourth dimension in the bottom right-hand job tray to make certain information technology'due south correct. If not, you can click on the "Change" button to manually select a fourth dimension zone.
    Windows time zone
    Windows time zone
  4. Close your browser and re-open it. And then try revisiting the website.

Mac

  1. From the Apple menu click on "Organisation Preferences"
  2. Click the Date & Time icon. If the padlock appears at the bottom of the window you might need to click it and enter your administrator username and password.
  3. Select "Set date & fourth dimension automatically." This will update according to one of Apple'due south NTP servers.
  4. Select the Fourth dimension Zone tab. If information technology doesn't determine your location automatically simply uncheck it so yous tin manually set it. On the map select your fourth dimension zone region and city.
  5. Shut your browser and re-open it. And then revisiting the website.

5. Endeavour in Incognito Mode

Our next recommendation would usually be to articulate your browser'south enshroud. Nonetheless, that's easier said than washed for a lot of usa. 😉 If you desire to check if information technology might exist your browser cache, without clearing your cache, yous can always open upwardly your browser in incognito mode. Or examination another browser and run across if you lot still meet the "your connection is not individual" error. Don't rule out Chrome extensions either. Simply this volition assistance you lot test that.

Open Chrome in Incognito mode
Open Chrome in Incognito mode

In Mozilla Firefox Incognito way is referred to as "New private window." In Microsoft Edge, it'south referred to as "New InPrivate Window."

6. Clear Browser Cache and Cookies

If you recall it might be your browser, clearing your browser enshroud is always a expert troubleshooting step before diving into more in-depth troubleshooting. Beneath are instructions on how to practice information technology in the various browsers:

  • How to Strength Refresh a Single Page for All Browsers
  • How to Articulate Browser Cache for Google Chrome
  • How to Clear Browser Cache for Mozilla Firefox
  • How to Articulate Browser Cache for Safari
  • How to Clear Browser Cache for Net Explorer
  • How to Clear Browser Cache for Microsoft Edge
  • How to Clear Browser Enshroud for Opera

seven. Try Immigration the SSL State on Your Reckoner

Clearing the SSL state in Chrome is often overlooked but can come in very handy and is easy to try. Merely like clearing your browser's enshroud this can help if things get out of sync. To articulate the SSL country in Chrome on Windows, follow these steps:

  1. Click the Google Chrome – Settings icon (Settings) icon, then click Settings.
  2. Click Show advanced settings.
  3. Under Network, click Change proxy settings. The Cyberspace Backdrop dialog box appears.
  4. Click the Content tab.
  5. Click "Clear SSL state", and then click OK.
  6. Restart Chrome.
Clear SSL state
Articulate SSL state

If yous are on a Mac, see these instructions on how to delete an SSL document.

eight. Change DNS Servers

The next affair y'all can try is changing your DNS servers. We've actually seen the "your connectedness is not private" fault happen earlier when using Google'southward Public DNS (viii.eight.viii.8 and 8.viii.four.4) or Cloudflare'southward DNS (i.1.ane.1 and 1.0.0.i). Removing this and defaulting back to your Isp's DNS servers tin can sometimes set up DNS errors. Google and Cloudflare aren't perfect 100% of the time and we've issues occur now and then.

To do this on Windows, go to your network connexion properties and make sure "Obtain DNS server accost automatically" is selected. If you've added Google's Public DNS or Cloudflare's DNS to your router, y'all might also have to remove information technology from in that location.

Obtain DNS server address automatically
Obtain DNS server address automatically

9. Disable VPN and Antivirus Temporarily

Sometimes VPNs and Antivirus software can disharmonize or override your network settings, including blocking certain SSL certificates or connections. If yous have any running, try temporarily disabling them (closing them) or turning off their "SSL Browse" feature to run into if it resolves the "your connection is not private" error in Chrome.

10. Make Sure the Certificate Hasn't Expired

SSL certificates expiring without the website owner's knowledge happens all the time. In fact, a lot more than than you might retrieve. Even to Fortune 500 companies! We were able to find this tweet below within a matter of a few seconds. No large deal, simply Huntington Bank forgetting to renew their SSL certificate. 😨

Typically this happens due to the post-obit reasons:

  • The website possessor doesn't have automobile-renew enabled with the domain registrar or SSL document provider.
  • Auto-renew is enabled but payment fails because the user has forgotten to update their payment method. Users typically alter credits cards more frequently than they access their domain registrar's dashboard throughout the yr.
  • The website owner uses a free Let's Encrypt document which expires every ninety days and they don't have a script in identify to renew information technology, or they forget. At Kinsta, we've automated this process so you never have to worry about your free SSL certificates expiring.

This results in an accompanying error code: NET::ERR_CERT_DATE_INVALID.

NET::ERR_CERT_DATE_INVALID
NET::ERR_CERT_DATE_INVALID

You tin can easily check a document's expiration date by opening up Chrome DevTools while you're on the site. Click on the security tab and click on "View document." The "Valid from" dates will show in the document information.

Check SSL expiration
Check SSL expiration

Another quick and piece of cake style to admission a site's SSL document information in Chrome is to click on the padlock in the accost bar. And then click on "Document."

Certificate info
Document info

11. Check Subject Alternative Domain

Each certificate has what they call the Subject Alternative Name. This includes all the domain name variations for which the certificate is issued to and valid for. It's of import to annotation that https://domain.com and https://www.domain.com are treated as 2 dissever domains (just like a subdomain).

Subject alternative name
Subject alternative proper noun

If you're seeing an accompanying mistake lawmaking such equally SSL_ERROR_BAD_CERT_DOMAIN, it could be that a document is non registered properly on both variations of the domain. This is less mutual nowadays as sites usually have HTTPS redirects in place. At Kinsta you can generate your free HTTPS certificate for both www and non-www.

Generate an SSL certificate for your multisite in MyKinsta.
Generate an SSL certificate for your multisite in MyKinsta.

This could also happen if you just changed domain names. For instance, perchance yous but acquired that shiny new .com address and moved from your old domain. If you forget to install an SSL certificate on your new domain, so a Cyberspace::ERR_CERT_COMMON_NAME_INVALID error will most likely occur.

12. Is the Certificate SHA-1?

SHA-i is a cryptographic hash algorithm in one case commonly used by SSL certificates on the spider web. SHA-1 though has shown signs of weaknesses and therefore is no longer supported in whatever current browser. If a website is nonetheless using a certificate with this former algorithm the "your connection is not individual" mistake will appear.

  • Google Chrome removed support for SHA-1 in Chrome 56 (January 2017)
  • Mozilla Firefox appear deprecation of SHA-1 in Firefox 51 (February 2017)
  • Microsoft appear blocking SHA-ane signed TLS certificates (January 2017)

Most certificates at present use SHA-256 hash algorithms. This can be found under the "Details" tab when inspecting a certificate on a website.

Certificate hash algorithm
Certificate hash algorithm

13. Is the Certificate Issued by Symantec?

Back in Jan 2017, the public was made aware of some bad practices on Symantec's part when it comes to how they issued certificates. Essentially they didn't comply with the industry standard CA/browser forum baseline requirements. It too turned out that they had been enlightened of this for some time. Because of this, browsers decided to no longer back up certificates issued by Symantec.  If a website is withal using a certificate issued past them the "your connection is non individual" error might announced.

The timeline for this is still rolling out:

  • Google Chrome Symantec timeline
  • Mozilla Firefox Symantec timeline
  • Microsoft will most probable be following suit, although they haven't fabricated an official statement yet.

Using a Symantec certificate tin can result in the accompanying error lawmaking: Internet::ERR_CERT_SYMANTEC_LEGACY.

ERR_CERT_SYMANTEC_LEGACY
NET::ERR_CERT_SYMANTEC_LEGACY

fourteen. Run an SSL Server Exam

If yous're not certain if everything is set up correctly on your website or someone else'southward, you tin can e'er run an SSL server examination. SSL/TLS certificates require non just your main certificate merely as well what they call intermediate certificates (chain) to besides exist installed. If you don't have these set upward properly, visitors could get a warning in their browsers, which in turn might drive them abroad. And depending on the browser and version, y'all may or may not come across this warning if your certificate is setup incorrectly.

We recommend using the free SSL check tool from Qualys SSL Labs. It's very reliable and we employ it for all Kinsta clients when verifying certificates. Simply head over to their SSL bank check tool, input your domain into the Hostname field and click on "Submit." Yous can also select the choice to hide public results if you adopt. The browse might have a minute or two but it will show yous all the fine details regarding a site's SSL/TLS configuration.

ssl check a grade
Qualys SSL Labs

Bank check out our in-depth tutorial on a couple things to check for when running an SSL exam.

Nosotros've taken our cognition of effective website direction at calibration, and turned information technology into an ebook and video course. Click here to download The 2022 Guide to Managing threescore+ WordPress Sites!

15. Update Your Operating System

Older operating systems fall out of date with newer technologies such as TLS 1.3 and the latest cipher suites every bit browsers stop supporting them. Specific components in the latest SSL certs will simply stop working. Google Chrome, in fact, pulled the plug on Windows XP back in 2015. Nosotros always recommend upgrading to newer operating systems if possible, such equally Windows 10 or the latest version of Mac OS X.

Make sure your device is upwardly-to-date on Windows, Mac, or some other operating system.

16. Restart Your Computer

We know it'south annoying, just it has to be mentioned. ðŸ˜¬ If none of the above options work, trying restarting your figurer and even your router. We realize many of you probably have hundreds of tabs or applications open up and that's why we fabricated this one of the last options. Merely rebooting devices actually clears out a lot of temporary cache and hiccups.

17. Reach out For Assistance

Nonetheless seeing the "your connexion is non individual" error? Don't be afraid to reach out and ask for aid. If you see this on your own WordPress site, feel gratis to open up a ticket with our Kinsta back up team. We can help y'all make up one's mind why this might be happening and if information technology is indeed an issue on your website itself.

The Google Chrome Help Forums can also be especially helpful! Yous can guarantee there are users that have already experienced the same fault or bug, and are set up to help.

18. Disable Chrome Checking SSL Certificates

You tin can also disable Chrome checking SSL certificates. Withal, we tin't stress plenty, this is only meant for testing and evolution purposes. Don't ever use the post-obit options unless you lot know exactly what you're doing.

Permit Invalid Certificates From localhost

If yous're testing locally, you lot might be able to use the Chrome flag to just allow insecure connections from localhost. In Chrome, scan to:chrome://flags/. Search for "insecure" and you should see the option to "Allow invalid certificates for resources loaded from localhost." Enable that option and restart your browser.

Allow insecure connections on localhost in Chrome
Allow insecure connections on localhost in Chrome

Disable Chrome Checking All SSL Certificates

Yous can tell Chrome to ignore all SSL certificate errors past passing the following at the command line at launch. If you're on Windows simply right-click into the properties of the launcher. Then add --ignore-document-errors in the target field. So restart Chrome.

Chrome ignore certificate errors
Chrome ignore certificate errors

Summary

Browser errors are never fun and can sometimes exist difficult to troubleshoot. Hopefully i of the tips to a higher place will assistance you resolve the "your connectedness is not private" mistake every bit chop-chop as possible. Call back, these are typically caused past something misconfigured on your own figurer or with the certificate on the website itself.

Was there annihilation we missed? Perhaps you have another tip on troubleshooting the connection error. If so, let united states know beneath in the comments.

Save time, costs and maximize site performance with:

  • Instant help from WordPress hosting experts, 24/seven.
  • Cloudflare Enterprise integration.
  • Global audience achieve with 29 data centers worldwide.
  • Optimization with our congenital-in Application Performance Monitoring.

All of that and much more, in one programme with no long-term contracts, assisted migrations, and a 30-24-hour interval-money-back-guarantee. Bank check out our plans or talk to sales to find the program that's right for you.