safari certificate errors

[SOLVED] How Do I Fix Safari Certificate Error on Mac?

Safari, the default web browser on Mac, is known for its seamless browsing experience and robust security features. However, there are times when you might encounter a pesky “Certificate Error”  while trying to access certain websites. These errors can be frustrating, but they’re usually a result of security measures designed to protect you from potentially harmful websites. In this guide, we’ll walk you through the common causes of Safari certificate errors  on Mac and provide step-by-step solutions to help you resolve them.

Quick Navigation:

Part 1: Understanding Safari Certificate Errors

Part 2:common causes of safari certificate errors, part 3: how do i fix invalid certificate error on mac.

An “Invalid Certificate Error”  on Mac, specifically when encountered in a web browser like Safari, indicates that there is an issue with the SSL/TLS certificate presented by a website. SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that provide secure communication over networks, such as the Internet. These protocols ensure that the data exchanged between a user’s device and a website’s server is encrypted and secure.

SSL/TLS certificates play a crucial role in this process by validating the authenticity of a website and establishing a secure connection. When you visit a website, your browser checks the website’s certificate to verify its identity. If the certificate is valid, properly issued by a trusted Certificate Authority (CA), and not expired, your browser establishes a secure connection. However, if there’s an issue with the certificate, you’ll see an “Invalid Certificate Error.”

Certificate errors in Safari  occur when the browser detects an issue with the SSL/TLS certificates used by a website to establish a secure connection. SSL/TLS certificates are digital documents that validate the identity of a website and encrypt data exchanged between the user and the website. When Safari encounters a problem with these certificates, it displays an error message to prevent users from accessing potentially unsafe websites.

There are a few common scenarios that can trigger an “Invalid Certificate Error” , Explore our step-by-step guide on resolving safari certificate errors  and enjoy uninterrupted browsing.

Expired Certificate: SSL/TLS certificates have an expiration date. If the certificate presented by the website has expired, your browser will flag it as invalid.

Untrusted Certificate Authority: If the certificate is not issued by a recognized and trusted Certificate Authority, your browser will treat it as invalid.

Certificate Chain Issues: SSL/TLS certificates are often issued in a chain, with an intermediary CA and a root CA. If any part of this chain is not properly configured or trusted, it can lead to an invalid certificate error.

Hostname Mismatch: The certificate is issued for a specific domain or hostname. If you’re trying to access the site using a different URL, your browser might consider the certificate invalid.

Self-Signed Certificates: Some websites use self-signed certificates instead of those issued by trusted CAs . While they can provide encryption, they’re not automatically trusted by browsers, resulting in an invalid certificate error.

Certificate Revocation: If the website’s certificate has been revoked due to security concerns, your browser will consider it invalid.

Mismatched Public and Private Key: If there’s a mismatch between the public key in the certificate and the corresponding private key on the server, it can lead to an invalid certificate error.

It’s important to note that while encountering an invalid certificate error can be frustrating, these errors are designed to protect users from potentially harmful websites and secure their data. In some cases, you might be able to proceed to the website if you’re certain it’s legitimate, but exercise caution when doing so.

If you encounter an invalid certificate error, it’s recommended to ensure that you’re accessing legitimate and secure websites. If you’re uncertain about the legitimacy of a website or the nature of the error, it’s best to avoid proceeding and potentially exposing your personal information to security risks.

It’s important to take these warnings seriously, as they are designed to protect you from potentially harmful websites and unauthorized access to your data. If you’re certain that the website you’re trying to access is legitimate, you can proceed with caution. However, exercise vigilance and ensure you’re visiting secure websites to avoid falling victim to online scams or security breaches.

Fixing an “Invalid Certificate Error”  on your Mac involves troubleshooting the underlying issues related to SSL/TLS certificates. Here’s a step-by-step guide to help you resolve this error:

Check Date and Time Settings: Click on the Apple menu in the top-left corner of your screen and select “System Preferences.”  Choose “Date & Time”  and ensure that the option to “Set date and time automatically”  is enabled. An incorrect system date and time can trigger certificate errors.

Clear Safari Cache and Cookies : Open Safari and click on “Safari”  in the top menu. Select “Preferences”  and navigate to the “Privacy”  tab. Click “Manage Website Data”  and remove stored data for the affected website. Cached data can sometimes cause certificate errors.

Update Safari: Outdated browsers can sometimes have issues with certificate validation. Check for updates by clicking the Apple menu, selecting “System Preferences,”  and then choosing “Software Update.”  Install any available updates for Safari.

Check the Website URL: Ensure you’re accessing the website using the correct URL and domain. Mismatched URLs can trigger certificate warnings.

Use a Different Browser: If the error persists in Safari, try accessing the website using a different browser like Google Chrome or Mozilla Firefox. This can help determine if the issue is specific to Safari.

Proceed with Caution: If you’re certain that the website is legitimate and you want to proceed despite the certificate error, you can often do so by clicking on the “Advanced”  or “Show Details”  option (if available) on the error page. However, exercise caution when bypassing warnings.

Check the Certificate Chain: Click on the “Advanced”  or “Show Details”  option on the error page to view the certificate details. Verify that the certificate chain is complete and issued by a trusted Certificate Authority. If there are any issues with the chain, it could trigger the error.

Contact Website Support: If you continue to experience the error, reach out to the support team of the website you’re trying to access. They might be able to provide insight or resolve the issue from their end.

Check for Network Interference: If you’re on a network with strict security settings, proxies, or firewalls, they might interfere with SSL/TLS connections. Try accessing the website from a different network to see if the error persists.

Update macOS: Ensure your macOS is up to date. Sometimes, system updates can include security patches that affect SSL/TLS certificate validation.

Scan for Malware or Adware: Use reputable antivirus or antimalware software to scan your Mac for potential malware or adware that might be causing certificate errors.

Remember that while some certificate errors can be bypassed, it’s crucial to exercise caution and only proceed if you’re confident about the legitimacy of the website. Invalid certificate errors are designed to protect your data and privacy, so avoid accessing websites that trigger these warnings unless you’re certain they’re safe.

Encountering a certificate error in Safari  on your Mac might be an inconvenience, but it’s a sign that your browser is working to keep you safe. By following the steps outlined in this guide, you can often resolve these issues and continue browsing securely. Remember, while there are workarounds like bypassing warnings, it’s always best to ensure that you’re visiting legitimate and secure websites to protect your personal information and sensitive data.

Latest Articles

• Perfect Microsoft Access Alternative for Mac Users
• How to Convert FLAC to MP3 on Mac and Windows
• Troubleshooting Apple Music Not Working on Your Mac
• How to Pause Watch History YouTube [2023 Full Guide]
• How to Delete Your iCloud Account: A Step-by-Step Guide
• PNG Vs JPG: A Battle of The Popular Image Formats
• Troubleshooting Tips: How to Connect Beats to Mac

PowerUninstall

Weekly Sale

[SOLVED] How Do I Fix Invalid Certificate Error on Mac?

Written By Jordan Baldo

Last updated: January 4, 2024

Almighty writing expert who is proficient in analyzing Mac issues and providing efficient solutions.

Safari, Google Chrome, Firefox, and Opera are all browsers used to surf the web. They’re a great way to check out different sites that offer information, provide entertainment, and even shopping choices. But, of course, the browsers are not without flaws. The sites you go to doesn’t have flaws too. So, there are issues you can face.

You might ask, “ how do I fix invalid certificate error on Mac ?” This error can usually happen with different websites you’re trying to access. Usually, the browsers work great in terms of browsing the web. But, the error happens when the browser tries to verify the website’s specific identity. And if it gets an issue, you get an invalid certificate error.

Contents: Part 1. What is an Invalid Certificate Error on Mac? Part 2. Why I Get an Invalid Certificate Error Warning? Part 3. How Do I Fix Invalid Certificate Error on Mac? 8 Solutions Part 4. Summary

This guide will give you the details to solve the expired certificates on Mac. In this way, you can view the website you want to check out, especially if it’s a necessity for work or school.

[Quick Guide] 8 Ways to Fix Invalid Certificate Error on Mac

• Ensure placing the right domain name match
• Update your browsers to the latest version
• Fix invalid certificate error on Mac using Keychain
• Correct your system date and time
• Modify certificate trust settings
• Check firewall or antivirus security software
• Clear cache, cookies, and browsing history
• Disable invalid SSL certificates within browsers

Free Tool to Clear Browser on Mac & Fix Error

Part 1. What is an Invalid Certificate Error on Mac?

Let’s dig into a little overview before we answer the “How do I fix invalid certificate error on Mac” Websites are very important these days. People are very dependent on using technology. That’s why websites are so popular. However, they’re not invulnerable.

There are a lot of cyber attacks happening. An SSL or TLS certificate is necessary for website owners. Usually, it’s a gauge of your website’s security and safety. If a website doesn’t have an SSL certificate, browsers such as Safari, Google Chrome, and Firefox, will show an error to viewers that the certificate for this server is invalid.

So, what exactly is an Invalid Certificate Error or an Invalid SSL Certificate Error? This error is found if the browser cannot recognize the SSL certificate installed on the website. For example, some users may see a message like " Safari can't verify the identity of the website xxxx " when they navigate in the browser.

The browser cannot say that the certificate authority is valid or it cannot recognize it. This means the installed SSL cannot be trusted and the site may be dangerous.

Then how do I get my Mac to trust a certificate ? To find certificates on Mac, open Utilities > Keychain Access > login keychain > choose Certificates from the menu bar. Now you can double-click the certificate you want and then choose different the "Trust" settings.

An Invalid SSL Certificate Error means it cannot recognize or fails to identify the websites’ installed SSL. The certificate authority may not be enlisted in their “list” of acceptable or trusted CAs . Usually, popular certificate authorities include Sectigo, Comodo, and DigiCert.

Part 2. Why I Get an Invalid Certificate Error Warning?

There are other reasons why you are seeing the invalid error certificate. Here, we will discuss some of those reasons for you to solve the invalid certificate error problem on Mac. Check them out below:

• If you access a domain that is mismatched, browsers may show the invalid SSL certificate error.
• You signed the certificate in these two ways, through a certificate that’s self-signed or through a trusted, unknown source. In this case, the browser will show the said error. We will tell you the answer to “How do I fix invalid certificate error on Mac”.
• The certificate of the website is currently not valid or the certificate has already expired.
• In rare cases, if the website possesses an SSL certificate of the incorrect format, browsers will display it as invalid.
• Misconfigured SSL or TSL certificates can be a result of this error showing up. This misconfiguration can usually happen during installation.
• The certificate installed is revoked or bought illegally.
• Antivirus software or your firewall may be blocking the SSL connection.
• The site may be using SHA-1 encryption. This case is usually rare.
• The browser may not be able to verify the installed certificate’s signature.
• Broken structure of the SSL or TLS certificate.

Another reason for you to ask the question, “How do I fix invalid certificate error on Mac” is the possibility of having a broken certificate chain of trust. What do you mean by this? Well, it happens in a few instances such as the following:

• A root certificate authority (CA) that is actually not verified.
• Expired root or even intermediate certificate.
• It has an actual self-signed certificate in the chain.
• The chain actually doesn’t terminate with a root certificate that’s trusted.

Part 3. How Do I Fix Invalid Certificate Error on Mac? 8 Solutions

After we have given you the reasons for the occurrence of this issue, you may be able to figure out some of the things you have to do. But, to make it easier for you, we will give you 8 solutions to solve the certificate problem, and quickly get your Mac to trust a certificate or update the certificate.

Solution 01. Ensure You Place the Right Domain Name Match

Works for: All Browsers

If you got a mismatched domain name, you will get an invalid certificate error on Mac. The same goes for Windows. The first thing you should do is to make sure that you type in the correct match of the domain name of the website. It’s pretty obvious, but this one does the trick.

Solution 02. Update Your Browser to Latest Version

Another obvious solution! How do I fix invalid certificate error on Mac? Well, you should try to update your browsers. This solution works for Safari, Google Chrome, Opera, and Firefox, among others. Here are the steps on how to update each browser.

How to Update Safari?

• Open the Apple Menu. Head towards the Apple menu on your Mac computer.
• Choose Software Update. After that, click on the option labeled Software Update.
• Install all the updates available for your Safari browser.

How to Update Google Chrome

• Launch Chrome. Open Chrome and click More that looks like three dots aligned vertically.
• Click Update. Click the option to “ Update Google Chrome ”.
• Click the option to Relaunch.

How to Update Firefox

• Launch Firefox. Open Firefox on your computer.
• Open the Menu. Click the Menu button that appears like three lines .
• Choose "About Firefox". Choose the option that says “ Help ” and then click “About Firefox” on the menus.
• Wait for an Update. The final thing to do is to wait for the automatic update to finish.
• Restart your Firefox browser afterward.

Solution 03. Fix Invalid Certificate Error on Mac Using Keychain

You can actually turn towards the Keychain Access to fix an invalid certificate error on Mac. After that, you should verify and then repair the certificates. We are referring to the certificates contained within the user account that’s active in Mac.

How do I fix invalid certificate error on Mac using Keychain? Here’s how to do it.

• Quit Browsers. These include Safari, Chrome, etc.
• Open Spotlight. Press the CMD + SPACEBAR buttons to open Spotlight. Type in Keychain Access to launch the app.
• Go to the Keychain Access Menu. Then, you should select Keychain First Aid .
• Enter Password. Then click the Verify box to check it. Then, click the “Start” button.
• Click the radio box called Repair and then choose Start again.
• Restart Safari. And try to visit the said website again.

Solution 04. Correct System Date and Time

Works For: All Browsers

There may be a problem with your time settings. Thus, how do I fix invalid certificate error on Mac? Well, you should adjust the time and settings to the correct one. Here are the steps on how to do that easily:

• Connect To the Internet. This will allow you to get an accurate time.
• Quit Safari or any browser that you use.
• Launch Apple Menu. Open the Apple Menu and then visit the System Preferences option.
• The next step is to choose “ Date & Time ”. After that, you should check the actual box that says you should automatically set your date and time. If it’s already checked, you should uncheck it and check it back again.
• Open Your Browser Again, then go to the page you want to visit.

Solution 05. Modify Certificate Trust Settings

This is another answer to the problem “How do I fix invalid certificate error on Mac”. If the issue persists for particular certificates alone you have to make sure you trust the actual certificates you wish to connect to.

Once you are sure you trust it, you should modify its trust settings. This will enable its authentication to actually proceed. Here’s how to do this step by step:

• Launch Keychain Access. Do this by going to the Applications and then Utility folder. Select your actual login keychain.
• Click and open Certificates. Go to the category labeled Certificates and then find the certificate you wish to connect to. This is done by searching the service’s domain name on the search box. Or, you can scroll through the list.
• Check out Certificate status and Tweak.
• If the certificate you want to connect to has an X symbol (colored red), this has to mean that it is invalid or has expired. What you have to do in this case is to right-click that particular certificate and then delete it from the computer’s system.
• If the said certificate has a Plus (+) symbol (colored blue), you must tweak the settings. You should choose System Defaults as the trust setting for it. To do this, you should open the certificate within Keychain Access by double-clicking its icon. Then, expand the section for Trust settings. Then, select Use System Defaults located at the top part of the menu.

Solution 06. Check Firewall or Antivirus Security Software

You should make sure that the firewall settings do not block that particular site. So, this is another solution to the question, “How do I fix invalid certificate error on Mac”. In addition, make sure the antivirus software doesn’t block it as well. This will allow you to ensure that the site is accepted by your entire system.

Solution 07. Clear Cache, Cookies and Browsing Data

Here, you should remove cookies , cache, and browsing history from your browser. This may include clearing login history or passwords as well. The steps are different for each browser. However, the premise is exactly the same. You simply have to clear it through the menu, options, or settings, section of your browser.

Tips: We recommended using the Mac cleaning tool - PowerMyMac to help you improve your browser's online experience and reset all browser settings to default.

Its " Privacy " module will clean up all cookies, caches, and history, eliminate deceleration reasons, clear privacy traces to protect your confidential data, and more.

Get A Free Trial Now!

You can try this tool for free to fix the Invalid Certificate Error on Mac.

Solution 08. Disable Invalid SSL Certificate within Browsers

Works For: Google Chrome, Firefox

This is the last thing you should do. This is because the website you’re trying to access may be dangerous. In this case, you’re removing the protection offered by the browsers. Can I fix invalid certificate error on Google Chrome and Firefox ? The answer is yes. But Opera, Safari, and Microsoft Edge don’t allow it. This is because it may be a risk to your system.

Tips & Tricks

Troubleshooting, how to fix safari “this connection is not private” warnings.

Are you receiving an error message saying “This connection is not private” when you’re trying to access a website in Safari from iPhone, iPad, or Mac? Many users have seen this error at some point as they browse the web, and this can be bypassed or ignored quickly fixed regardless of what device you use.

This message pops up when Safari’s security check on the website’s certificate fails. You’ll likely face this issue when you’re visiting a website that uses an expired certificate, or HTTP instead of HTTPS when it’s not configured properly. The difference between the two is that the older HTTP doesn’t have an SSL certificate, and therefore they aren’t ‘secure’ by default. However, SSL certificates aren’t valid forever, so you might still face this issue on HTTPS sites when the SSL certificate has expired, if it’s setup incorrectly, or if it’s not issued by a legitimate certificate authority. Finally, you can also face this issue if the device viewing the website has a clock that isn’t set to the proper time, since that breaks the certificate check too.

In any event, if you use Safari on an iPhone, iPad, or Mac, you can still bypass the “This connection is not private” warning and access the site.

Important note: if you encounter a “This connection is not private” error message on a banking website, financial services site, email site, or anything where critically important data is submitted or exchanged, there may be something else going on and you should not attempt to bypass the warning message. Instead, check the URL to make sure it is correct, try again later, or contact the company directly.

How to Fix Safari “This Connection Is Not Private” Warnings on iPhone & iPad

Bypassing this error is actually a pretty simple and straightforward procedure, but most people don’t seem to read the error message completely. Just follow the steps below to get started.

Now, you’ll be able to view all the contents of the website like normal, but you’ll notice a “Not Secure” notice in the address bar .

How to Fix Safari “This Connection Is Not Private” Warnings on Mac

The procedure to bypass the warning is pretty similar on a macOS system too. Here’s how it works:

And there you have it, you’re viewing the site. Again on the Mac you’ll find the “Not Secure” website message in the address bar, indicating you should not transmit any important personal data like banking details, login information, etc on the URL. But if it’s simply an informational site where you are not inputting any personal data, there usually isn’t much concern.

Now you know how easy it is to fix “This connection is not private” warnings in Safari.

Although this warning is mostly a website-related issue, entering the wrong URL, an incorrect system clock, a VPN issue, or even corrupted browser cache can sometimes also be the reason why you see this warning. Therefore, you might want to double-check that you have the proper URL entered, that the device has the date and time and clock set properly (you can check in Settings on iPhone/iPad or System Preferences on Mac), and consider clearing your Safari browser cache . To do this on an iPhone or iPad, head over to Settings -> Safari and tap on “Clear History and Website Data”. For clearing the Safari cache on your Mac , just go to Safari -> Preferences from the menu bar. Additionally, if you’re using a VPN on your device, turn it off and visit the site again to see if you’re still getting the warning. If you read the warning message carefully, you’ll see that fixing your clock can also resolve this issue too.

You may see this error with or without browsing in Private mode in Safari too .

Similarly, you can run into a connection not private error in Google Chrome, with a similar resolution though the Chrome issue is almost always related to improper SSL certificates, expired certs, or a time/date error on the device itself.

We hope you were able to stop getting this error on your iPhone, iPad, and Mac. How often do you get these warnings while browsing in Safari? Share your experiences, thoughts, and advice in the comments.

Enjoy this tip? Subscribe to our newsletter!

Get more of our great Apple tips, tricks, and important news delivered to your inbox with the OSXDaily newsletter. 

You have successfully joined our subscriber list.

Related articles:

• Use Private Browsing Mode in Safari for Mac OS X on a Per Window Basis
• How to Completely Disable Private Browsing in iOS on iPhone and iPad
• How to Tell if Safari Private Browsing is Enabled When in Dark Mode for MacOS
• How to Use Private Relay in Safari to Hide Your IP address on iPhone & iPad

10 Comments

» Comments RSS Feed

Not so simple. When you go to “visit website anyway” it then tells you website has been blocked. We don’t even have a choice.

So really, this article is misleading.

The article is accurate Heidi.

A blocked warning is a different warning from “This connection is not private”, you might be experiencing a blocked website form a firewall or from your ISP.

There is no way to access this website. The warnings do not give access in any way shape or form. It’s a Godaddy site but my iPad Pro 11 will not allow me to access. There is not “enter anyway” or “visit Webite” button, the site is basically completely locked from me and I have to use my Microsoft Windows 10 to get there.

What website are you trying to access, and what is the exact error message that you see?

It is possible that your iPad Pro clock is set improperly, which can also cause issues with connections to websites. Do other HTTPS sites load fine on the iPad?

Yeah, does anyone know how to do it now?

visit website option is no longer available.

This crap has been going over and over and over and they never fix it, same with the audio crackling noise. These days nothing really works with Apple, it’s unbelievable the software they put out, zero QA literally.

My Safari (13.1.2, MacOS 10.13.6, MacBookPro8,1) just goes into an infinite loop. I keep on getting the warning, clicking on the “visit the website”, supplying the password, over and over, and I never actually see the web page. I have to switch to Google Chrome or Firefox to be able to see it. This behavior has been consistent over multiple Safari and OS versions.

Mine always asks for a password to make a change to Keychain in order to bypass the warning. Is there a way to fix that? I always switch to another browser which is quite inconvenient

Leave a Reply

Name (required)

Mail (will not be published) (required)

Subscribe to OSXDaily

• - Fixing Apple Watch False Touch & Ghost Touch Issues
• - How to Connect AirPods to a Smart TV
• - How to Customize the Finder Sidebar on Mac
• - How to Uninstall Apps on MacOS Sonoma & Ventura via System Settings
• - How to Mute a Call on Apple Watch
• - Beta 3 of iOS 17.5, macOS Sonoma 14.5, iPadOS 17.5, Available for Testing
• - Apple Event Set for May 7, New iPads Expected
• - Beta 2 of iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, Available for Testing
• - Opinion: Shiny Keys on MacBook Air & Pro Are Ugly and Shouldn’t Happen
• - MacOS Ventura 13.6.6 & Safari 17.4.1 Update Available

iPhone / iPad

• - How to Use the Latest GPT 4 & DALL-E 3 Free on iPhone & iPad with Copilot
• - How to Bulk Image Edit on iPhone & iPad wth Copy & Paste Edits to Photos
• - What Does the Bell with Line Through It Mean in Messages? Bell Icon on iPhone, iPad, & Mac Explained
• - iOS 16.7.7 & iPadOS 16.7.7 Released for Older iPhone & iPad Models
• - Fix a Repeating “Trust This Computer” Alert on iPhone & iPad
• - Make a Website Your Mac Wallpaper with Plash
• - 15 Mail Keyboard Shortcuts for Mac
• - How to Use Hover Text on Mac to Magnify On-Screen Text
• - What’s a PXM File & How Do You Open It?
• - Fix “warning: unable to access /Users/Name/.config/git/attributes Permission Denied” Errors

About OSXDaily | Contact Us | Privacy Policy | Sitemap

This website is unrelated to Apple Inc

All trademarks and copyrights on this website are property of their respective owners.

© 2024 OS X Daily. All Rights Reserved. Reproduction without explicit permission is prohibited.

Safari User Guide

• Change your homepage
• Import bookmarks, history, and passwords
• Make Safari your default web browser
• Go to websites
• Find what you’re looking for
• Bookmark webpages that you want to revisit
• See your favorite websites
• Use tabs for webpages
• Pin frequently visited websites
• Play web videos
• Mute audio in tabs
• Pay with Apple Pay
• Autofill credit card info
• Autofill contact info
• Keep a Reading List
• Hide ads when reading articles
• Translate a webpage
• Download items from the web
• Share or post webpages
• Add passes to Wallet
• Save part or all of a webpage
• Print or create a PDF of a webpage
• Customize a start page
• Customize the Safari window
• Customize settings per website
• Zoom in on webpages
• Get extensions
• Manage cookies and website data
• Block pop-ups
• Clear your browsing history
• Browse privately
• Autofill user name and password info
• Prevent cross-site tracking
• View a Privacy Report
• Change Safari preferences
• Keyboard and other shortcuts
• Troubleshooting

Digital certificates and encrypted websites in Safari on Mac

A certificate, also known as a “digital certificate” or a “public key certificate,” is a file that helps keep web communications secure.

Certificates are issued by trusted organizations, such as VeriSign, Inc. or RSA Security, Inc. When you visit an encrypted website—for example, to do online banking—Safari checks if the site’s certificate is legitimate. If it’s not, Safari warns you.

An encrypted website and Safari work together to encrypt information you exchange with the site. The key used for the encryption is contained in the site’s security certificate. This protects your login information, credit card numbers, addresses, and other secure data.

If you need to connect to a website that requires a personal certificate, you’re provided with a certificate and instructions for installing it. After it’s installed, you gain authenticated access to the website automatically. If you’re unable to access it, contact the website administrator.

Open Safari for me

• PRO Courses Guides New Tech Help Pro Expert Videos About wikiHow Pro Upgrade Sign In
• EDIT Edit this Article
• EXPLORE Tech Help Pro About Us Random Article Quizzes Request a New Article Community Dashboard This Or That Game Popular Categories Arts and Entertainment Artwork Books Movies Computers and Electronics Computers Phone Skills Technology Hacks Health Men's Health Mental Health Women's Health Relationships Dating Love Relationship Issues Hobbies and Crafts Crafts Drawing Games Education & Communication Communication Skills Personal Development Studying Personal Care and Style Fashion Hair Care Personal Hygiene Youth Personal Care School Stuff Dating All Categories Arts and Entertainment Finance and Business Home and Garden Relationship Quizzes Cars & Other Vehicles Food and Entertaining Personal Care and Style Sports and Fitness Computers and Electronics Health Pets and Animals Travel Education & Communication Hobbies and Crafts Philosophy and Religion Work World Family Life Holidays and Traditions Relationships Youth
• Browse Articles
• Learn Something New
• Quizzes Hot
• This Or That Game New
• Train Your Brain
• Explore More
• Support wikiHow
• About wikiHow
• Log in / Sign up
• Computers and Electronics
• Basic Computer Skills

Common SSL Certificate Errors and How to Fix Them

Last Updated: April 1, 2024 Fact Checked

As an Administrator

This article was co-authored by Gonzalo Martinez and by wikiHow staff writer, Travis Boylls . Gonzalo Martinez is the President of CleverTech, a tech repair business in San Jose, California founded in 2014. CleverTech LLC specializes in repairing Apple products. CleverTech pursues environmental responsibility by recycling aluminum, display assemblies, and the micro components on motherboards to reuse for future repairs. On average, they save 2 lbs - 3 lbs more electronic waste daily than the average computer repair store. This article has been fact-checked, ensuring the accuracy of any cited facts and confirming the authority of its sources. This article has been viewed 61,181 times.

SSL certificates are special files used to encrypt connections to remote servers like websites. An SSL certificate error can occur if your web browser has a problem validating a certificate. If you get an SSL certificate error when visiting a website, there are a few things you can do to bypass it, including setting the date and time correctly, adding the website to a trusted list, and clearing cache and cookies. If you administer a website that's generating an SSL error, you'll need to resolve the issue on your server.

Fixing SSL Certificate Errors

• Make sure your computer's date and time are correct.
• Add the website to the list of trusted sites.
• Disable certificate revocation checks.
• Clear your SSL state.
• Clear your web browser's cache.
• Restore your web browser to its default settings.
• Contact the website administrator.

• NET::ERR_CERT_AUTHORITY_INVALID
• NET::ERR_CERT_COMMON_NAME_INVALID
• NET::ERR_CERT_REVOKED
• ERR_SSL_WEAK_EPHEMERAL_DH_KEY
• ERR_SSL_VERSION_OR_CIPHER_MISMATCH

• Right-click the date and time in the taskbar.
• Click Adjust date and time .
• Ensure Set time automatically is checked.
• Ensure Set timezone automatically is checked.

• Press the Windows key .
• Type internet options .
• Click Internet Options .

• Click the Security tab.
• Click the checkmark icon above "Trusted sites."
• Click Sites .
• Copy and paste the URL for the website below "Add this site to the zone."
• Click Add .
• Click Close .
• Click Apply .

• Click the Advanced tab.
• Uncheck "Check for publisher's certificate revocation" below "Security."
• Uncheck "Check for server certificate revocation" below "Security."

• In the Internet Options window, click the Content tab.
• Click Clear SSL state .

• You can also try a different web browser to see if that resolves the issue. For example, if you're using Microsoft Edge , try installing Chrome and checking to see if you can view the website there. If you get an SSL error on two different browsers, there's probably an issue with the certificate itself.

• Click the Apple icon.
• Click System Settings or System Preferences .
• Click General .
• Click Date & Time .
• Ensure "Set date and time automatically" is enabled.

• Press Command + Spacebar to open Spotlight search.
• Type keychain .
• Click Keychain Access to open the app.
• Click Login in the left pane.
• Click Certificates under "Category" in the menu to the left.
• Double-click the certificate that is giving you trouble.
• Expand the menu below "Trust."
• Select Always trust next to "When using this certificate."
• Enter your Mac password and click Update settings .
• If the certificate continues to give you trouble, you can right-click it and delete it. [4] X Research source

• Click ' Keychain Access to open the app.
• Click Certificates under "Category" on the left.
• Right-click the SSL certificate that is giving you trouble.
• Click Delete . [6] X Research source

• You can also try a different web browser to see if that resolves the issue. For example, if you're using Safari , try installing Chrome and checking to see if you can view the website there. If you get an SSL error on two different browsers, there's probably an issue with the certificate.

• Also check that the contact information, such as the email, is the same as the one under which your website is registered.
• You can get a wildcard SSL certificate to cover multiple subdomains as well as your main domain.

Expert Q&A

You might also like.

• ↑ https://www.youtube.com/watch?v=mpc-1kIL9ec
• ↑ https://supportcenter.lexisnexis.com/app/answers/answer_view/a_id/1084255/~/clear-ssl-state-on-a-windows-operating-system
• ↑ https://support.zendesk.com/hc/en-us/articles/360000099508-Why-do-I-sometimes-get-incorrect-SSL-certificate-details-for-my-subdomain-
• ↑ https://www.bluehost.com/help/article/clear-locally-stored-ssl#apple
• ↑ https://www.freecodecamp.org/news/an-ssl-error-has-occurred-how-to-fix-certificate-verification-error/
• ↑ https://sematext.com/blog/ssl-certificate-error/

About This Article

• Send fan mail to authors

Is this article up to date?

Featured Articles

Trending Articles

Watch Articles

• Terms of Use
• Privacy Policy
• Do Not Sell or Share My Info
• Not Selling Info

wikiHow Tech Help Pro:

Level up your tech skills and stay ahead of the curve

Stack Exchange Network

Stack Exchange network consists of 183 Q&A communities including Stack Overflow , the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

certificate was checked as valid but all browsers iOS and mac osx are invalid

Certificate error on iOS safari, chrome and macOS chrome and safari.

iOS 13 & MacOS 10.15 have started imposing stricter requirements for trusted certificates https://support.apple.com/en-us/HT210176

I've ran checks on multiple SSL checkers which showed that the certificate is valid, but i still can't load the site. I've verified the following requirements:

• TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
• TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
• TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.

Anybody know what's wrong with the certificate? SSL checkers have already verified the certificate chain is complete and

• This might not be it, but usually the "Basic Constraints" extension is "Critical: YES" (and of course, "Certificate Authority: NO"). –  Spiff Apr 16, 2020 at 17:53

2 Answers 2

I checked your sites https://uat.iconnect.care/ and https://www.iconnect.care/ .

Firefox does not have any problems on your two sites.

Chrome has no problem with https://uat.iconnect.care/ , but on the site https://www.iconnect.care/ reports:

The error NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED seems to be related to the fact that Chrome now requires for some certificate authorities that the SSL security certificates be registered into Certificate Transparency ( https://www.certificate-transparency.org ).

I therefore looked into the certificates on your two websites and they are not the same. I get the following certificate thumbprints:

• https://uat.iconnect.care/ : 29beacb232616ff1a23d00dd28a4ba2e7c9310ab
• https://www.iconnect.care/ : 4fc140fddcb53df077e681c9f12e0bd0c9577e27

This proves that these are two different certificates.

For checking Certificate Transparency, I verified that the website https://uat.iconnect.care/ has this information in the field SCT List :

However, the certificate used for https://www.iconnect.care/ does not have it:

Conclusion: The certificate used for https://www.iconnect.care/ is not registered into Certificate Transparency and cannot be used on browsers that check it, especially Chrome. Ask GlobalSign to reissue the certificate, and this time to register it with Certificate Transparency. Or replace the certificate for the site with the other one.

• My uat.iconnect.care site is working fine using a cert with dates encipherment though –  Lee Gary Apr 19, 2020 at 2:58
• I missed the fact that this certificate has two extensions, the first apparently for code signing and the second for SSL. Strange. I never met before a dual-purpose certificate, but I haven't bought any for some years now, so it might be a new development. Questions: (1) Perhaps you could give us the link to your site so we can verify the certificate (2) Does this also happen with Firefox? (3) Does it happen from a Windows computer? –  harrymc Apr 19, 2020 at 6:19
• uat.iconnect.care & iconnect.care –  Lee Gary Apr 19, 2020 at 7:00
• The latter hasnt been deployed, but curl will return a blank html page –  Lee Gary Apr 19, 2020 at 7:01
• Haven’t tried on windows machine, but weird for OV cert to work but not EV –  Lee Gary Apr 19, 2020 at 7:02

Apple enforces more requirements than just those. In particular, it has a Certificate Transparency policy requiring that certificates be logged in a public CT log, and that the proof of inclusion in CT logs be provided during the same TLS handshake (without requiring the browser to go looking on its own).

The proofs (SCTs) can be either embedded within the certificate itself as an extension, or provided using OCSP Stapling if the webserver is configured for that.

However, your site has neither of those. Although the corresponding "pre-certificate" has indeed been submitted to various CT logs, the "final" certificate installed on your webserver is missing the 'CT Signed Certificate Timestamps' (1.3.6.1.4.1.11129.2.4.2) extension, and the webserver does not offer OCSP Stapling during the TLS handshake, either.

Google Chrome on other platforms has a similar policy, although so far only for EV certificates. When connecting from Windows it shows ERR_CERTIFICATE_TRANSPARENCY_REQUIRED.

Blanking out the site's name really makes such questions difficult and/or annoying to answer, because the answer depends not only on the certificate itself but also on the webserver's configuration – information about OCSP stapling was obtained by directly testing your webserver's TLS response, and of course nobody knows whether the provided screenshots include all certificate details, or whether some of them have been cropped off.

Fortunately, the unedited certificate can be found in the same CT logs mentioned above, based on its Serial Number and/or Subject Key Identifier (or even based on the issue/expiry dates if necessary), so your site's name is publicly known anyway.

• It’s iconnect.care I can curl and get a basic html but non of the devices work –  Lee Gary Apr 17, 2020 at 1:02
• i am using nginx and my other servers using OV certificates didn't have this problem, this is actually an EV certificate, what further configuration would help? –  Lee Gary Apr 17, 2020 at 14:59
• Enable OCSP Stapling on the web server -- or ask the certificate issuer about "embedded SCTs". –  u1686_grawity Apr 20, 2020 at 6:50

You must log in to answer this question.

Not the answer you're looking for browse other questions tagged macos security ssl ..

• The Overflow Blog
• What language should beginning programmers choose?
• Supporting the world’s most-used database engine through 2050
• Featured on Meta
• Stack Overflow Jobs is Coming Back!

Hot Network Questions

• How can I use GLSL shaders within Mathematica?
• My paper has been rejected for accusations of "gift authorship", what now?
• What would you call the ground floor if you were in a country where it is the first floor?
• Breaker size for a heat treating kiln
• Inconsistency in answer, by counting in two different ways
• How long can a period be?
• How to deal with an autistic colleague that seems to be fixated on me
• Exponential Pauli matrix identity query
• Old metal window stuck open and metal strap/band fell out; what to do?
• "depend on contexts" or "depend on context" or "depend on the context"?
• Can copy-pasting a word definition from a dictionary site cause a copyright issue?
• Closed form of binomial summation using complex numbers
• Is the supposedly fake prophecy of Mahdi that the Bene Gesserit implanted on Arrakis actually a real prophecy?
• Why is COALESCE not a function?
• Is it an independent and additional offence to have a fake passenger (e.g., a mannequin) to try to avoid HOV violation detection?
• Does the ending "s" in city names indicate plural (or etymologically related)?
• How did the ancient cultures determine that the year was actually a fraction of an extra day beyond 365 days?
• Why would solid rubber tubes be no good to some?
• How much do Americans know about Palestinians and Palestine?
• Is exhaustive-listing が here acting like a topic marker?
• When or where did Gustave Flaubert say that Alexander Pushkin's work was "dull"?
• Ways to refuel nuclear powered cars
• What is the long stem growing out of my rose?
• How was the miraculous complement of two Harkonnen legions for the retaking of Arrakis explained?

• High Assurance
• Enterprise EV
• Wildcard SSL/TLS
• Multi-domain UCC/SAN
• Enterprise EV UCC/SAN
• Code Signing
• EV Code Signing
• Secure Email (S/MIME)
• Client Authentication
• eSigner Document Signing
• NAESB Certificates

Select Language

We hope you will find the Google translation service helpful, but we don't promise that Google's translation will be accurate or complete. You should not rely on Google's translation. English is the official language of our site.

Troubleshooting SSL/TLS Browser Errors and Warnings

• By SSL.com Support Team
• September 10, 2019
• Categories: SSL/TLS , Troubleshooting
• Tags: Error Message

Browser Errors and Warnings

It’s all too common to encounter browser error messages like this when accessing websites:

These messages typically begin with a bold headline stating that Your connection is not private or Warning: Potential Security Risk Ahead . These messages can be frustrating for users and website owners, especially when the owner has gone to the effort to secure their website with an SSL/TLS certificate. Often, these errors are caused by server misconfigurations that are simple to correct once you know the root cause. In this guide, we’ll go through some common misconfigurations and the error messages associated with them in various web browsers. The browsers used to generate these screenshots were:

• Google Chrome 76.0.3809.100 (macOS 10.14.6)
• Firefox 68.0.1 (macOS 10.14.6)
• Safari 12.1.2 (macOS 10.14.6)
• Edge 44.17763.1.0 (Windows 10 Enterprise)
• Internet Explorer 11.379.11763.0 (Windows 10 Enterprise)

The situations we will cover are detailed in the Table of Contents below.

Expired Certificate

In these cases, the server has a certificate installed that has outlived its validity period and needs replacement:

Solution:  Renew the website’s certificate. End users who are experiencing this error should also confirm that the date and time are set correctly on their computer.

Domain Name Does Not Match Certificate

In these cases, the web server is presenting a certificate that does not match the domain name the user is attempting to access:

Solution:  Make sure that the common name and/or a subject alternative name listed in the certificate matches the website’s domain name.

Incomplete Chain of Trust

If a web server does not have a complete chain of trust including all necessary intermediate certificates installed, these errors can result:

Solution: Make sure that a complete certificate chain is installed on your server. Please see our article on diagnosing and fixing this problem for more information.

Revoked Certificate

Sometimes, due to server compromise or compliance issues, certificates must be revoked before their scheduled expiration date (for an example, see the serial number entropy issue of early 2019). Failing to replace a revoked certificate will lead to these error messages:

Solution: generate a new website certificate chained to a valid, publicly trusted root and intermediate certificates.

• Error Message

SSL.com Support Team

Stay Informed and Secure

SSL.com  is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from  SSL.com .

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

• Privacy Overview
• 3rd Party Cookies

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our  Cookie and privacy statement .

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

How-To Geek

How to fix "your connection is not private" errors.

Make sure your device isn’t causing these errors!

Quick Links

What does "your connection is not private" mean, how to fix "your connection is not private" error, how to bypass the "your connection is not private" error, privacy error variations and codes explained, protecting your privacy online, key takeaways.

To fix "Your connection is not private" errors on Chrome, Firefox, Edge, or Safari, you can clear the cache, update the device operating system, or ensure your computer clock is correct. Plus, you can check if a browser extension or your antivirus is interfering.

While browsing the web, you're likely to encounter the "Your connection is not private" error occasionally. But what does this privacy error mean, how do you fix it, and can you bypass it? Here's everything you need to know.

The "Your connection is not private" error occurs when your web browser cannot confirm the identity of the website you're trying to visit or finds its encryption weak. As a result, your browser assumes the website to be unsafe because it may have been compromised or has a configuration error. It stops short of establishing a connection and presents you with the "connection is not private" warning.

Related: Internet Connection Not Working? 10 Troubleshooting Tips

This isn't any run-of-the-mill warning because your browser needs a secure connection to the website to ensure that no one can snoop on the information you are exchanging with that website.

There can be several reasons why the web browser can't initiate a secure connection. But all of them relate to the SSL certificate of the website.

What Is an SSL Certificate?

To create an encrypted connection with a website, a web browser, such as Chrome or Firefox, first attempts to verify that website's SSL certificate . It's a digital certificate that verifies the identity and security of a website and includes information such as the domain name, the organization name, the issuing authority, the certificate expiry date, and a public key. Once satisfied with the SSL certificate details, the browser generates a random session key and uses the public key included in the certificate to encrypt it. This information is then shared with the website server that uses its private key to decrypt it, following which both can safely communicate without worrying about someone intercepting the data.

Related: How To Troubleshoot Internet Connection Problems

Why Is My Connection Not Private?

A problem with a website's SSL certificate can cause your connection to be not private. For example, if the certificate has expired, is invalid, or is not set up correctly, the browser deems the website unsafe. There can also be other issues, such as a mismatch between the actual domain of the webpage and the domain mentioned in the certificate. Or, in the worst-case scenario, a malicious actor has compromised the website server.

Besides the problems on the website's end, issues with your computer clock, Wi-Fi network, or browser cache can also lead to errors such as "this connection is not private."

Although several privacy or SSL errors will require intervention from the website owner, you can try to get rid of the "Your connection is not private" error by attempting the following fixes.

Check Your Computer's Clock

One of the causes for the "ERR_CERT_DATE_INVALID" or "SEC_ERROR_EXPIRED_CERTIFICATE" error codes is the wrong system date or time. You can remedy this by updating your computer's date and time or by choosing the option to update it automatically.

If you are using Windows, you can right-click the date and time in the taskbar and choose the "Adjust Date and Time" option. Once in the "Date & Time" settings, you can choose to enable "Set time automatically" to get the correct date and time from Windows server, or you can click on "Set the Date and Time Manually" to change the date and time on your computer yourself. Confirming the time zone while you're in the settings is also a good idea.

On a Mac, you'll find "Date & Time" settings in System Settings, which you can access by clicking on the Apple menu in the top-left corner of your screen. Once in "System Settings," look under General for "Date and time." Like Windows, you can enable the "Set time and date automatically" option here or manually set the date and time.

Sign In to the Public Wi-Fi Portal

Some public Wi-Fi hotspots require you to log in to access free internet. But to reach the sign-in page, you often have to open a website. But if you try to open a secure website, your browser may throw a privacy error as it doesn't have access to the internet to check the SSL certificate. So it's better to open a website that doesn't require a secure connection. HTTP Forever is an excellent option to bookmark for when you might need a "nonsecure" website to open the Wi-Fi captive portal.

Once you're signed in to the Wi-Fi portal, your browser will stop saying your connection is not private.

Related: How to Speed Up Your Internet Connection

Temporarily Disable Your Antivirus

If you use an antivirus that provides a feature like HTTPS protection, HTTPS scanning, Encrypted Web Scan, or Encrypted connections scanning, it may interfere with the browser's attempts to create a secure connection. So you can temporarily disable the antivirus to see if the issue goes away. If the page works after turning off the antivirus, you can contact the developer for a permanent solution or switch to a different antivirus software, like Windows Defender .

Open the Website in the Browser's Incognito Mode

Some browser extensions can also cause the browser to show the "connection not private" error. You can confirm this by opening the website or webpage in Incognito mode , which typically keeps all extensions disabled. An extension is likely responsible if the webpage opens without any privacy errors.

Then, you can disable all extensions in the regular mode and switch on one extension at a time to find the culprit. Remember, while all extensions are disabled by default in Incognito mode, there is an option to enable them . So ensure all extensions are disabled before you open the webpage in Incognito. An Incognito window is known as an InPrivate window on Edge and a Private window on Firefox and Safari .

Clear the Browser Cache

Your web browser's cache stores temporary data from the websites you visit. But sometimes, this cache can become corrupted or outdated, which could hamper a browser's ability to verify a website's SSL certificate properly. To fix this, you need to clear your browser's cache and cookies.

To clear the cache on Chrome , click the three-dot menu icon, then navigate to More Tools > Clear Browsing Data. Next, select "All time" from the time range drop-down and check the boxes next to "Cookies And Other Site Data" and "Cached Images And Files." Finally, click on the "Clear data" button.

Similarly, in Edge, click the three-dot menu icon, then navigate to Settings > Privacy, Search, and Services > Choose What to Clear. Next, select "Cached Images and Files" from the list, and click "Clear Now" to clear Edge's cache and cookies .

Firefox users will have to click on the hamburger icon and navigate to Settings > Privacy & Security > Cookies and Site Data > Clear Data. Then, check the boxes next to "Cookies and Site Data" and Cached Web Content," and click "Clear."

If you are using Safari and want to delete your data , click on "History" in the top menu and select "Clear History." You can then select "all history" from the drop-down and hit the "Clear History" button.

Update the Operating System

Privacy errors can also be triggered by outdated system software. So it's a good idea to update your device to the latest operating system version. Even if this doesn't fix the issue, you should still keep the device software up to date. To help you do this, we have guides on updating Windows 11 , updating Windows 10 , updating macOS , updating a Chromebook , updating Ubuntu , and updating iPhones and Android phones too .

Contact the Website Owner

If the problem persists after trying the fixes mentioned above, there is nothing you can do on your own. It's best to contact the website owner or administrator with the privacy error you are facing and ask them to fix it.

Related: What Is a 500 Internal Server Error, and How Do I Fix It?

While it's typically not recommended to bypass the "your connection is not private" error, you can make an exception if you trust the website and your connection to it. You can also skip the error if you understand the technical reason why the browser has generated that particular error and are willing to risk communicating over a vulnerable connection.

To bypass the security warning, click "Advanced" on Chrome, Firefox, and Edge, or "Show Details" on Safari. Then, you can choose to continue to the webpage.

Related: How to Spot a Fraudulent Website

The "connection not private" errors may look different depending on which web browser you are using. And sometimes, these errors are also accompanied by technical-sounding error codes that can be worrying. If you're trying to troubleshoot the exact cause of your privacy error, use these codes to investigate further.

"Your Connection Is Not Private" Error in Chrome

A privacy error on Chrome typically appears as a "Your connection is not private" message accompanied by a red warning symbol. But often, the message will also include one of the following error codes.

• NET::ERR_CERT_AUTHORITY_INVALID : The website's SSL certificate is either self-signed or from an untrustworthy certificate authority (CA).
• ERR_CERT_COMMON_NAME_INVALID : This error occurs when the domain name mentioned in the SSL certificate doesn't match the website's domain name.
• NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM : The weak signature algorithm error is a result of using the SHA-1 signature hashing algorithm by the SSL CA. SHA-1 was proven insecure in 2017, and now SHA-2 has become the standard hashing algorithm.
• ERR_CERTIFICATE_TRANSPARENCY_REQUIRED : The CA must add all SSL certificates to Certificate Transparency (CT) logs. When that doesn't happen, website visitors will encounter the certificate transparency required error code.
• ERR_SSL_VERSION_OR_CIPHER_MISMATCH : You'll encounter an SSL version or cipher mismatch error when the Transport Layer Security (TLS) protocol version used by the website server is older or it's using RC3 ciphers.
• ERR_CERT_DATE_INVALID : If the expiry date mentioned in the SSL certificate is older than the system date, you may encounter this error.
• ERR_CERT_SYMANTEC_LEGACY : This error appears because Chrome no longer trusts SSL certificates issued by Symantec before June 1, 2016.
• ERR_CERT_REVOKED : The primary reason for this error code is the revocation of a website's SSL certificate by the CA.

Related: How to Speed Up Chrome and Fix Errors Without Reinstalling It

"Your Connection Isn't Private" Error in Edge

The privacy errors in Edge browser look similar to Chrome, and you get the red warning symbol along with the "Your connection isn't private" message and the related error codes. But sometimes, you may also get a "The connection for this site is not secure" warning page.

"Warning: Potential Security Risk Ahead" Error in Firefox

Firefox uses a number of privacy or security warning messages when it encounters an unsafe or misconfigured website. "Warning: Potential Security Risk Ahead" is one of the common warnings. But you may also get "Secure Connection Failed," "Did Not Connect: Potential Security Issue," or "Your connection is not secure." Most of these warnings are typically accompanied by some explanation about the potential security issue or an error code. Here are some common error codes you may see on Firefox.

• SSL_ERROR_UNSUPPORTED_VERSION : Firefox no longer supports TLS protocols older than version 1.2. So if a website uses version TLS 1.1 or older, you will get this error code.
• SEC_ERROR_UNKNOWN_ISSUER : If the SSL certificate issuing authority is unknown to Firefox or the certificate is self-signed, the browser shows this error code. MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT is another error code shown when a website has a self-signed certificate. Or you may get MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED code if the website uses an SSL certificate from Symantec, including those issued under the GeoTrust, RapidSSL, Thawte, and Verisign brands.
• SEC_ERROR_EXPIRED_CERTIFICATE : As the name suggests, you will get this error code when Firefox believes the SSL certificate has expired.
• SEC_ERROR_REVOKED_CERTIFICATE : This one is self-explanatory. You will typically see when the certificate issuing authority has revoked the SSL certificate of a domain.
• SSL_ERROR_BAD_CERT_DOMAIN : Firefox shows the "bad cert domain" error when the domain or sub-domains mentioned in the certificate don't match the webpage domain. It typically happens when all sub-domains aren't mentioned in the SSL certificate.
• SEC_ERROR_REUSED_ISSUER_AND_SERIAL : If the SSL certificate of the website has the same serial number as another certificate.

"This Connection Is Not Private" Error in Safari

If you are trying to visit a potentially unsafe or misconfigured website on Safari, the browser presents a "This connection is not private" warning page. Unlike Chrome, Firefox, or Edge browser, it doesn't have an error code, but you can click "Show Details" to find more information about the issue.

A secure connection between your browser and a website is vital for the safe exchange of information . This is why modern web browsers warn you when you are trying to visit a potentially unsafe website. But often, a problem with your web browser or system can also result in a privacy error.

You can try the fixes mentioned above to resolve any issues with your system. But if none work, it's best to contact the website owner and wait for it to get fixed to avoid risking your private information.

macOS + Safari certificate weirdness

This isn’t directly a Let’s Encrypt issue, but I’m hoping this audience can help me resolve it as it’s obviously deeply related to SSL certificates. (If this is deemed too off-topic, please accept my apologies and let me know.)

On macOS (10.14.6), using Safari (13.1), Safari is telling me that it “can’t establish a secure connection to the server”. But only sometimes:

• The majority of sites work fine.
• It works fine after a reboot.
• Last time it went 27 hours after the reboot before re-occurring. ¯\_(ツ)_/¯

It’s weirder than that:

• OmniFocus, which establishes an SSL connection to https://sync3.omnigroup.com , also fails.
• Plenty of other sync services on my Mac do not fail. OF must be using the system certificates?
• Some sites which use the Let’s Encrypt Authority X3 certificate keep working (e.g. https://coruscade.com ).
• Other sites which use the same certificate chain fail (e.g. https://bum-man.com.au ).
• That last site is actually hosted at https://bumman2020.netlify.com . When accessed via that URL, the certificate is DigiCert SHA2 Secure Server CA and works A-OK.
• Firefox always works. So how does its certificate behaviour differ from Safari? Does it manage its own, and not use the system keychain?
• Brave fails but in a really weird way. It tells me that the cert is invalid ( NET::ERR_CERT_INVALID ) but when I inspect the certificates they’re all valid! Here’s an example of that, using another certificate that fails. ( https://theage.com.au is a large newspaper – this site works fine in Firefox.)

• When this issue occurs, it’s always the same certificates that fail. Repeatable, predictable.
• I have re-created my keychain. Made no difference – I assume that just deleted my personal stuff but didn’t touch the system root certificates?

I have a question open on StackExchange which has some more detail. This is driving me bananas.

Please someone here tell me how macOS certificate management works, and help me fix this. Thank you.

Yes, I think Firefox uses its own root store unless you configure it not to.

I don't have a solution for you other than to tell you that my sister experienced a similar thing on macOS some weeks ago. Except hers also had problems with some certificates from Amazon CA, until she rebooted her laptop.

e: One idea - on that screenshot, you are showing that the leaf certificate is valid. If you select the intermediate, or the root, do they also have the same "This certificate is valid" text?

Thanks, I’ll go digging around in Firefox and see if I can come up with anything interesting.

Yeah, Brave reports all 3 certificates in that screenshot as valid. Told you this was weird!

Stranger still: if I open a private window in Safari and browse to one of the broken sites, Safari warns me that “this connection is not private” and gives me the chance to “visit this website” as long as I authenticate to confirm that it is safe to do so.

When in a non-private window, I am not given this option. It’s just a flat-out “can’t establish a secure connection”.

If you're referring to your bumman site, it'd be because it's setup with an HSTS header . Browsers will omit the option to bypass the warning screen for HSTS-protected sites (that it's seen before, or are in the HSTS preload list).

When you browse the site in private mode, the HSTS cache isn't used, so the browser lets you through.

Don't think it explains your issue, though.

This recent thread is similar:

In that thread, the issue seemed to be that macOS didn't recognize a newer Certificate Transparency log that should have been supported since early December.

The OP said yesterday that it was fixed after installing a recent update.

If it works for OP after a reboot, it might be what made it “work” for me after applying the the update (since it rebooted). I’ll have to wait and see, I guess.

OP, you say all updates are installed, does that also imply the 002 security update from end of March?

OK, the issue is back on my Mac now, so it seems we have the same issue, and that it’s solved temporarily by rebooting. The latest security update ( https://support.apple.com/en-gb/HT211100 ) did not solve it.

@jen729w , are you by any chance using Little Snitch?

@jockek Sibling! You have it too. I’m not alone.

I do use Little Snitch, yes. Always have, config hasn’t changed in however long. These servers ping just fine and I’ve tried this with the network filter off, no change.

I recall a recent security update, yes. They pop up I do them as soon as I see them.

Have you and @jockek tried to see if those websites work in safe mode? (e.g. disabled all extensions and other potential softwares). Other networks? Have you submit any reports to Apple Support?

The problem with safe mode is that the issue is fine immediately after a reboot. I’d need to operate in safe mode for ~24h until it occurs, which I can’t afford to do. This is my main work machine.

I have tried other networks, yes. The network is not the issue.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

SSL Certificate error - can't view website

One of my clients recently changed their website to wordpress and the domain host also changed. I am now getting a certificate error when I try to visit the site and Safari tells me the site is unavailable. I know the site is working because I can view it on safari on my iphone.

I have had the domain check their set up and it is all correct.

No one else is having this issue. It only seems to be my macbook that won't allow the site.

I've tried clearing all my caches including system caches.

Can someone please help?

MacBook Pro 13", macOS 10.14

Posted on Oct 20, 2019 8:48 PM

Similar questions

• Showing SSL error for genuine sites (links from google search results) and then getting routed to spam advertising sites. I am facing this problem on both my iPhone and on my Macbook. The Safari is showing links for google search results as not having valid SSL certificates. When I click proceed to site, I get routed to this IP address always - http: //89.208.103.43. From there, the browser automatically shows many spam Advertising sites. This happens simultaneously on my iPhone as well as on my Macbook. This is only on Safari. If I use Microsoft Edge, this problem vanishes. When I go back to Safari, the same problem is seen. I have tried resetting the Safari on Iphone and clearing website data and cookies on Safari, Macbook. Still the problem somehow comes back. I am also worried about Malware or something like that installed in my devices. Please help. [Link Edited by Moderator] 2240 9
• web pages rejected for bad certificate My MacBook Pro is rejecting web pages because of certificate failure. I have a 2017 13" laptop that is failing me. Any thoughts? 896 7
• Search engine issues I get this error message for any search engine using Safari 12.0.2 502 Bad Gateway TlsProtocolException("Cannot establish TLS with www.google.com:443 (sni: www.google.com): TlsException('Cannot load trusted certificates (/tmp/_MEIb8M8Y0/certifi/cacert.pem, None).',)",) Does anyone know how to fix this? 2658 1

Loading page content

Page content loaded

Oct 24, 2019 7:20 PM in response to whizzme

Are you running any anti - virus programs? Using a VPN?

Try setting up another admin user account in System Preferences/Users & Groups to see if the same problem continues. Please post back on whether or not this worked. Also try the Safe Mode. Please post back on whether or not this worked.

Isolating an issue by using another user account  

Safe Mode - About

If it works in the Safe Mode, try running this program when booted normally and then copy and paste the output in a reply. The program was created by Etresoft, a frequent contributor.  Please use copy and paste as screen shots can be hard to read. Click “Share Report” button in the toolbar, select “Copy to Clipboard” and then paste into a reply. This will show what is running on your computer. No personal information is shown. If the log won’t post, try posting it in Pastebin and provide a link in a reply. After pasting the report in a PasteBin page, go to the top of the page, and copy the address in the URL bar. Paste that in a new reply.        Pastebin

Etrecheck – System Information

Oct 24, 2019 6:49 PM in response to whizzme

Have you tried deleting the site certificate from Applications/Utilities/Keychain Access, then quit/reopened Safari, and see if the site will load?

Try another browser as a test.

Firefox         10.9 or higher

Opera Browser         10.9 or higher

SeaMonkey       10.9 or higher8

Waterfox           10.8 or higher

Oct 29, 2019 5:35 PM in response to whizzme

Can someone please help with this??

I can access the website using the Brave browser and an external internet connection. But still cannot access in Safari.

Once I get home and connect to my wifi I can no longer access the website in Brave either.

PLEASE HELP

Oct 24, 2019 7:42 PM in response to Eric Root

I set up another administrator and logged in as them.

I still got the error message in Safari

But I could get to the website in Brave

Oct 24, 2019 10:46 PM in response to whizzme

It has now stopped working in Brave and I can no longer access the website anymore. HELP!

Oct 24, 2019 5:02 PM in response to whizzme

This is becoming urgent. I need to be able to access my client's website. Please help!!

Oct 24, 2019 6:59 PM in response to Eric Root

Yes I’ve deleted the certificate and restarted. And tried using Chrome and Brave and none of them will let me in.

Oct 24, 2019 7:00 PM in response to whizzme

It’s like no matter what I do it insists on retrieving the old certificate not the new one.

Oct 24, 2019 7:01 PM in response to whizzme

I even tried setting it to trust the certificate but that didn’t work either.

Oct 24, 2019 7:50 PM in response to whizzme

I restarted in safe mode using my own log in and the same thing as above. I could get to the website using Brave but still got the error message with safari.

Oct 24, 2019 8:07 PM in response to whizzme

Here is the Report in Paste Bin

https://pastebin.com/fu6JYQ3E

Dec 10, 2019 9:47 AM in response to whizzme

Did you resolve this issue? I'm having the same problem.

Dec 10, 2019 10:47 AM in response to fancybike

If you did all the above suggested fixes, have you restarted/reset your router?

Dec 10, 2019 11:06 AM in response to Eric Root

I'm having the same problem when I switch to using my mobile hotspot. And I have no problem going to the website on any other device on our network.

Dec 10, 2019 12:20 PM in response to fancybike

Found the problem - I hadn't thought to check my hosts file. I moved my client to a new host last year and forgot to delete info from the hosts file after I was done.

8 Ways to Fix SSL Connection Errors on Various Browsers and Platforms

It’s never been easier to obtain a Secure Sockets Layer (SSL) certificate for your website and set it up. But you can still run into SSL connection errors even after installing your certificate correctly and forcing traffic through HTTPS. In many cases, these error messages can drive users away.

Understanding what causes SSL errors will help you prevent them from popping up on your website. You’ll also know what to do if you run into one, depending on the message you see and the browser or OS you’re using.

In this article, we’ll explore what SSL connection errors are and their leading causes. We’ll also discuss their most common types and how you can troubleshoot them.

Let’s get to it!

Check Out Our Video Guide to Fixing SSL Connection Errors

What is an ssl connection error.

There are several types of SSL connection errors that you may encounter while browning the web. Some of these errors are due to server-side issues, whereas others are because of local configuration problems.

In broad terms, SSL connection errors will prevent you from browsing a website securely over Hypertext Transfer Protocol Secure (HTTPS) . Your browser may allow you to proceed with the connection, but in most cases, it’ll tell you that you’re doing so at your own risk. Without a valid SSL certificate, malicious parties can intercept any data you exchange with the website you’re trying to view.

Some of the most common SSL connection errors that you may run into include:

• NET:ERR_CERT_AUTHORITY_INVALID
• NET::ERR_CERT_COMMON_NAME_INVALID
• NET::ERR_CERT_REVOKED
• SSL Handshake Failed
• ERR_SSL_OBSOLETE_VERSION
• ERR_SLL_PROTOCOL_ERROR

Each type of SSL connection error points towards a different cause. When you run into such a problem, your browser will display a specific message that gives you information about why you see it:

It’s important to note that error messages can vary from one browser to another. The one pictured above comes from Firefox, whereas the one below pops up when we open the same website using Chrome:

As mentioned before, not all SSL connection errors stem from problems with your server configuration. Your website can have a perfectly valid SSL certificate, but users might still run into errors when accessing it.

Throughout the following few sections, we’ll show you what to do if you’re trying to access a website and you run into SSL connection issues.

How to Fix SSL Connection Errors (8 Methods)

If you’re not in charge of a website, there’s little that you can do when it comes to fixing server-side SSL connection errors. However, some issues can occur due to problems with your local device or browser configuration.

We’ll show you how to fix local issues that cause SSL connection errors using various browsers , mobile OSs, and social media platforms.

Let’s get fixing!

1. How to Fix the SSL Connection Error in Google Chrome

If you run into an SSL connection error in Google Chrome, there are several quick fixes that you can implement.

First off, make sure you’re running the latest version of Chrome. You can update Chrome from within the browser itself , or you can download and install the most recent version from Google Chrome’s website .

Next, check if your system’s time and date are synchronized. If your device’s time is not correct, you may run into SSL connection issues throughout the web because some SSL certificates rely on internal system clocks for validation. An incorrect time or date on your computer can lead to errors as your browser can’t verify these certificates .

On Windows, you can fix the time and date by opening the Settings menu and selecting the Time & Language option:

On the next screen, make sure that both the Set the time automatically and Set the time zone automatically options are enabled. Alternatively, you can select your time zone manually and enable the Set the date and time manually option:

If you’re using Chrome on macOS, open the System Preferences menu by clicking on the Apple icon in the top left corner of the screen. Select the Date & Time option and enable the Set date and time automatically setting:

Once you fix the date and time, try accessing the website that showed an SSL connection error in Chrome. If the problem persists, move on to clearing your Chrome cache and cookies . To do so, open the Settings menu and click on Clear browsing data .

A window will pop up, enabling you to select what data you want to clear. If you’re using the Basic settings, select Cookies and other site data and Cached images and files , then hit the Clear data button:

Another fix that you can try is to clear the SSL slate in your operating system. To do so in Windows, open the start menu and search for Internet Options. Click on the result that comes up, and an Internet Properties window will pop up. Jump to Content and click on Clear SSL slate:

Clearing the SSL slate will remove all of the certificates stored locally on your computer. The next time you reload the website giving you SSL connection errors, the browser will attempt to re-validate its certificate and, in doing so, might clear the error.

If you’re using macOS, clearing your SSL slate works a bit differently. Open your Utilities menu and go to Keychain Access . Select the System option under Keychains in the left-hand menu, and you’ll see an overview of all the SSL certificates that your system stores locally:

You can select certificates individually and delete them manually. If you spot a certificate for the website you’re trying to access, delete that one first, then check to see if the SSL connection error persists.

At this stage, if all else fails, temporarily disable your antivirus software and firewall . We suggest this as a last resort because, in most cases, your antivirus software won’t cause issues with SSL connections.

If you try every fix and nothing works, you can assume that the SSL connection problem lies with the server.

2. How to Fix the SSL Connection Error in Firefox

Fixing SSL connection errors in Firefox works much the same as with other browsers. You can follow the instructions in the last section to implement the following fixes:

• Check your system’s date and time and adjust them.
• Clear your local SSL slate.

If neither of those solutions works, then it’s time to clear your Firefox cookies and cache . To do so, go to the Options menu and jump to the Privacy & Security tab. Then click on the Clear Data button under Cookies and Site Data :

Try accessing the website with the SSL connection error once more. If your browser fails to establish a connection, check to see whether there’s a new version of Firefox that you can update.

3. How to Fix the SSL Connection Error in Safari

So far, we’ve covered multiple fixes for the SSL connection error that work across OSs. If you’re using Safari, start by following the same instructions given under the Google Chrome section:

• Clear your local SSL slate in macOS.

If the SSL connection error persists, you can move forward and clear your Safari cookies and cache . If you’re using an iMac, Macbook, iPhone, or iPad, the exact instructions apply here:

• Open the Safari Settings menu.
• Click on Clear History .

With that out of the way, try to access the website that gave you an SSL connection error before. The error should be gone now unless you’re dealing with a server-side configuration issue.

4. How to Fix the SSL Connection Error on iPhones and iPads

The process for fixing the SSL connection error on an iPhone or an iPad is identical to doing so on macOS. First, you need to check if your device’s date and time are synchronized. To access your mobile device’s date and time settings:

• Open the Settings app and select General > Date & Time .
• Check if the Set Automatically option is enabled. If it isn’t, turn it on.
• Manually check if your device is using the correct time zone.

After updating your date and time settings, you can move on to clearing your browser’s cookies and cache . To do so, open the Settings app and select Safari > Clear History and Website Data :

If you’ve installed a different browser on your iOS device, the process should still be similar.

Unfortunately, the most recent versions of iOS have removed the option to clear your SSL slate on your iPhone or iPad, so this is not a viable solution. If none of the fixes above work, you can assume the problem is server-side.

5. How to Fix the SSL Connection Error on Android

Fixing the SSL connection error on Android is relatively simple. First, go ahead and check your time and date settings to see if they’re accurate.

Open the Settings app and tap on General Management > Date and time . Then check if the Automatic date and time setting is enabled:

It’s important to note that, like iOS, Android doesn’t include an option for clearing your SSL slate or deleting individual certificates. What you can do to fix SSL connection errors is to clear your Chrome browsing data. To do so:

• Open the Chrome browser and access its Settings menu.
• Go to Privacy and security .
• Tap on Clear browsing data .
• Select your browser’s Cookies and site data and Cached images and files options, then tap on Clear data.

After clearing your Chrome website data, check if the SSL connection error persists. If it does, the chances are that it’s a server-side configuration issue.

6. How to Fix the SSL Connection Error on Facebook

If you run into an SSL connection error on Facebook , you can be sure that it’s not a server-side issue. That means you’re dealing with a local configuration problem. Here are the fixes that you should implement:

• Adjust your local time and date settings.
• Clear your browser’s cache and cookies.
• Clear your OS’s SSL slate or delete any local certificates for Facebook.

You can find instructions about adjusting your date and time settings on Windows and macOS within the Google Chrome section of this article. We also have instructions on clearing your browser’s cookies and cache for Chrome, Firefox, and Safari.

7. How to Fix the SSL Connection Error on Gmail

You won’t run into SSL connection errors while trying to access Gmail using mobile apps. However, SSL errors might pop up if you’re using Chrome, Firefox, or Safari to access Gmail’s web service. In that case, you should:

• Adjust your local time and date settings (check the Google Chrome section above for instructions).
• Clear your OS’s SSL slate or delete any local certificates for Gmail.

If everything else fails, you can access Gmail using a mobile app while you try disabling your firewall temporarily or updating your browser to its latest version.

8. How to Fix the SSL Connection Error on YouTube

SSL connection errors on YouTube are likely due to local configuration errors within your OS or browser. If you run into an SSL error in YouTube:

• Clear your OS’s SSL slate or delete any local certificates from YouTube.

We provided instructions on clearing your browser’s cache and cookies for Chrome, Firefox, and Safari earlier in this post. Likewise, you can find step-by-step guides on how to clear your SSL slate by checking the Chrome and Safari instructions in the previous sections.

SSL connection errors can come in a lot of shapes and sizes. If you’re dealing with a server-side error, there’s often little that you can do except wait for the site’s owner to fix it or proceed with an unsafe connection.

That said, you can attempt several local configuration fixes that may solve this issue, including:

• Adjusting your time and date settings.
• Clearing your browser’s cookies and cache.
• Clearing your OS’s SSL slate.

If you’re still facing SSL connection errors with your website, please leave a comment below. Kinsta clients can also reach out to our support team to get any SSL errors fixed.

Salman Ravoof is a self-taught web developer, writer, creator, and a huge admirer of Free and Open Source Software (FOSS). Besides tech, he's excited by science, philosophy, photography, arts, cats, and food. Learn more about him on his website , and connect with Salman on Twitter .

Related Articles and Topics

Powerful Managed WordPress Hosting

In-Depth HTTP to HTTPS Migration Guide for WordPress

• Web Development

This fixed it! I was having a problem with maps in my vehicle and my iPhone 11 (iOS 15.2). Getting this displayed on my vehicle’s screen “an SSL error has occurred and a secure connection to the server cannot be made.” All I needed to do was clear my history and website data. Thank you!

Could you add how to fix it for PlayStation please? I’ve been looking for a while and I was hoping this would tell me how to do it but it didn’t.

Leave a Reply Cancel reply

By submitting this form: You agree to the processing of the submitted personal data in accordance with Kinsta's Privacy Policy , including the transfer of data to the United States.

You also agree to receive information from Kinsta related to our services, events, and promotions. You may unsubscribe at any time by following the instructions in the communications received.