If you've ever visited a website and seen an alarming message stating, "This site is not secure," or "Your connection is not secure," there are some simple methods for diagnosing the problem, gauging your level of risk, and mitigating any potential security hazards.
Users encounter error messages warning about connections that aren't secure in all browsers, including Chrome, Firefox, Safari, and more.
What Does 'Connection Is Not Secure' Mean?
Browsers will return a "connection not secure" error when they can't verify a website's SSL certificate. SSL is a secure data-encryption method that keeps transmitted data private and safe. If a browser detects a problem with a site's SSL certificate, it won't load that site because it might be unsafe.
While all this can sound very alarming, it's likely that nothing is wrong.
What Causes This Error?
Many things can cause these errors warning about a connection that isn't secure, some of which are problems on the site's end.
The website could have an expired SSL certificate, no SSL certificate, or one that wasn't set up correctly. Setting up SSL certificates is hard, especially if a site's administrators bought a higher-end certificate, and not everyone always gets it right. It's also possible that a trusted organization didn't issue the certificate.
To see if the site's SSL certificate is expired, select Not Secure on the top of the error window, and then Select Certificate. Check the Expires On date to see if the certificate is expired. If so, you can't fix the problem, but you can email the site owner to let them know.
Troubleshoot Insecure Connection Errors
There's nothing you can do if the problem is on the website's end. But if the problem is coming from your computer or device, there are some easy fixes to try.
Reload the Page
This is a quick and easy troubleshooting option to try. Close and reopen your browser and try to load the page again. Something may have been off with your browser, or the site owner might have been reissuing their SSL certificate.
Update Your Browser
Outdated browsers may have security holes that updates will fix. Check to see if you're using the latest version of your browser by going to the browser's main website. Download any updates available.
Clear Your Browser Cache and Cookies
Clearing your browser cache and cookies is another quick, easy troubleshooting method that may solve the problem.
Use an SSL Certificate Checker
Third-party SSL certificate checkers, such as SSL Server Test, will tell you everything about the flagged site, from its IP address to the certificate issuer to the expiration of its certificate. What you find will tell you if the site's problem is simple or more complicated.
Use HTTPS Everywhere
If the above check reveals only a minor error for a site you're familiar with that ordinarily has a valid certificate, take some quick precautions before proceeding as usual. For desktop computers running Firefox, Chrome, or Opera, install the HTTPS Everywhere extension to make sure all your connections are encrypted. This way, even if the certificate doesn't match exactly, you should still have an encrypted connection.
Check Your Antivirus Software
As antivirus software becomes more advanced, it adds new features to protect against the latest threats. One such feature is a firewall that blocks sites not secured with SSL. While this is usually good, it can sometimes conflict with your network settings and mistakenly block some SSL certificates and connections.
To see if this is the problem, try temporarily disabling your antivirus software's SSL scanning feature.
Check Your Computer's Date and Time
An incorrectly set date and time on your device can prevent your browser from verifying the SSL certificate of the site you're visiting. This is because when the browser checks the expiration date of an SSL certificate, it compares it to the time on your computer's clock. Take a look at your computer's date and time to make sure it's accurate.
Make sure you've typed the site's URL correctly. Any small typo could result in the wrong site trying to load, which could lead to a "connection not secure" error.
Should You Ignore the Error?
If you feel confident that the error is on the part of the website, and the website is known and trusted, and if the site doesn't include any functionality where sensitive personal data passes back and forth, you can choose to ignore the error and proceed like normal.
But if you've gone through all these troubleshooting steps and there is still an error, understand that the site may have a serious security problem, and you should exercise extreme caution. If the site isn't one you have to visit, don't go there for a while. The admins may need time to sort out any serious issues.