Your IP: Unknown · Your Status: Unprotected Protected

Blog How-To

How to fix the ‘Your connection is not private’ error

Jun 26, 2019 · 6 min read

How to fix the ‘Your connection is not private’ error

The ‘Your connection is not private’ error message can appear when connecting to a secure HTTPS website. This means that your browser is preventing you from visiting the page because it cannot establish a secure connection. Read on to find out why this happens and how to fix the error.

What does ‘Your connection is not private’ mean?

When you visit an HTTPS webpage, your browser sends a request to the website's servers. Both the browser and the server need to complete an SSL/TLS handshake to establish a secure connection (you can learn more about the SSL/TLS handshake here). During the handshake, the website sends the browser its SSL certificate to prove that it’s secure and they both agree on the encryption protocol they will use to communicate.

If your browser cannot validate the SSL certificate, a secure connection cannot be established. Most popular browsers stop you from visiting such sites and will show you a ‘Your connection is not secure’ error.

‘Your connection is not private’ on Chrome and Mozilla

Depending on your browser, your operating system, and how the web servers are configured, you might get different variations of the same message.

On Google Chrome you will most likely see:

“Your connection is not private. Attackers might be trying to steal your information from [domainname.com] (for example, passwords, messages, or credit cards).”

This can be followed by these common error codes:

  • ERR_CERT_SYMANTEC_LEGACY
  • NET::ERR_CERT_AUTHORITY_INVALID
  • NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)
  • NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
  • NTE::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
  • NET::ERR_CERT_DATE_INVALID
  • SSL certificate error
  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH

On Mozilla Firefox you’ll see:

“Your connection is not secure. The owner of [domainname.com] has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.”

This message can also be accompanied by one of the following error codes:

  • MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
  • SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE
  • SEC_ERROR_EXPIRED_CERTIFICATE
  • SEC_ERROR_UNKNOWN_ISSUER
  • MOZILLA_PKIX_ERROR_MITM_DETECTED
  • ERROR_SELF_SIGNED_CERT
  • SSL_ERROR_BAD_CERT_DOMAIN

‘Your connection is not private’ fix

The error might appear for many reasons – there might be issues on the client side or on the web server and its SSL certificate. It may also mean, as the errors suggest, that the website has been compromised by hackers or scammers. You’ll be able to fix most client side issues by trying one of the methods below.

1. Refresh the webpage

Sometimes all you need is to refresh the page or close and reopen the browser. It might be that there was something out of order when you were trying to connect or the website owner was reissuing the SSL certificate.

2. Use incognito mode

Try visiting the site in incognito mode. It might be that your extensions are preventing the SSL connection.

On Chrome, click on the three-dot icon in the upper right-hand corner and click New incognito window. You can also use Ctrl+Shift+N.

Incognito mode on Chrome

On Mozilla Firefox, click on the three-line icon in the upper right-hand corner and then click New Private Window. You can also use click Ctrl+Shift+P.

Incognito mode on Mozilla

3. Check the time and date on your device

One of the main reasons why browsers can’t establish secure connections is if your device has the wrong time and date. If you have just bought a new device, it may be that the date and time hasn’t been synced correctly. Browsers use this to verify SSL security certificates, so you need to make sure that it’s correct. Some SSL certificates are valid for only a couple of months. So if your device’s date and time were set when the device was launched, then you will see the error.

On Windows:

  1. Right click on the date and time on your taskbar and select Adjust date/time.
  2. Check date and time on Windows

  3. Then turn on Set time automatically and Set time zone automatically.
  4. Check date and time on Windows

  5. If the time doesn't sync automatically, turn off both of the features and set it manually.

On Mac:

  1. From the Apple menu, click on System Preferences and select Date & Time.
  2. Check date and time on Mac

  3. If you see the padlock at the bottom of the window, click on it and sign in with your username and password.
  4. Check date and time on Mac

  5. Tick Set date and time automatically.
  6. Check date and time on Mac

  7. If it doesn’t sync automatically go to the Time Zone tab, uncheck it, and manually set the time. You can select your time zone, region and city from the map.
  8. Check date and time on Mac

4. Check your internet connection when on a public WiFi

Another very common reason why you might see the error message is that you’re connected to a public WiFi that doesn’t support HTTPS or is configured incorrectly. Most such WiFi networks will ask you to sign in and agree to terms and conditions before you connect to the internet (because they want to harvest your data and see what you do). If a sign-in page doesn’t pop up automatically and you try to visit an HTTPS page – you’ll most likely see an error message.

To fix it, try going to an HTTP website you trust. This should automatically bring up a sign-in page. If it doesn’t, you can also try typing 1.1.1.1 into your URL bar. Don’t forget: when using public WiFi, it’s essential to use a VPN as snoopers connected on the same network could steal your personal data.

5. Clear browser cache

Another easy fix is clearing your browsing data. Your cache may be preventing you from visiting the site.

On Google Chrome:

  1. Click on the three-dot icon in the upper right-hand corner, select More tools, and then Clear browsing data. You can also use Ctrl+Shift+Del.
  2. Clear cache on Chrome

  3. A new window will pop up. Select the timeframe from the dropdown menu (4 weeks should work perfectly fine) and tick Cached images and files only. Then click Clear data.
  4. Clear cache on Chrome

On Mozilla Firefox:

  1. Click on the three-line icon in the upper right-hand corner and click Library.
  2. Clear cache on Mozilla

  3. Select History and Clear recent history. You can also use Ctrl+Shift+Del.
  4. Only tick Cache and Clear Now.
  5. Clear cache on Mozilla

6. Update your operating system

Old operating systems might not work with the newest encryption protocols, like TLS v.1.3. In fact, most web servers no longer support old encryption protocols, so if your operating system doesn’t support TLS, you will not be able to establish a secure connection. To avoid this, make sure that your operating system is up to date.

7. Temporarily disable your antivirus

If you have oversensitive antivirus software, it might also stop you from visiting HTTPS websites. Try temporarily disabling it and refreshing the webpage. You can also try disabling its SSL scan feature.

8. Clear the SSL state on your computer

Similarly to clearing your cache, you can also clear your SSL state, which might fix the connection error.

On Google Chrome:

  1. Click on the three-dot icon in the upper right-hand corner and click Settings.
  2. Clear SSL State on Chrome

  3. On the left hand side, click on the three-line icon to expand the Settings menu and select System.
  4. Clear SSL State on Chrome

  5. Click on Open proxy settings. A new window will pop up.
  6. Clear SSL State on Chrome

  7. Click on the Content tab and tap Clear SSL state.
  8. Clear SSL State on Chrome

On Mozilla Firefox:

  1. Click on the three-line icon in the upper right-hand corner and click Library.
  2. Clear SSL State on Mozilla

  3. Select History and Clear recent history.
  4. Only select Active Logins and Clear Now.
  5. Clear SSL State on Mozilla

9. Restart your computer

Restarting your computer deletes all temporary caches, which might fix the error too.

What if it still doesn’t work?

If none of the methods above fixed the problem, it’s very likely that the problem is on the web server’s side and there’s no way you can fix it. It might be that:

  • The website forgot to renew their SSL certificate. On Chrome, you can check its validity by right-clicking on the green padlock symbol.
  • The SSL certificate might be using an outdated SHA-1 cryptographic hash algorithm, which is considered to be unsecure and is no longer supported by current browsers.
  • The SSL certificate has been issued by an untrusted organization.

If the issue is on the server side, you could ask for help on forums (i.e. Google Chrome Help Community), or access the website without an SSL connection. However, we do not recommend establishing an unsecure connection as your data will be out in the open and anyone will be able to snoop on your sensitive information. Plus, if the website was supposed to have a secure connection but doesn’t, you won’t know why. It could be an innocent mistake or it could have been hacked!

For more cybersecurity tips and tricks, subscribe to our monthly blog newsletter below!


Emily Green
Emily Green successVerified author

Emily Green is a content writer who loves to investigate the latest internet privacy and security news. She thrives on looking for solutions to problems and sharing her knowledge with NordVPN readers and customers.


Subscribe to NordVPN blog