done How to Fix Your Connection is Not Private Error in Chrome

Error
Error

As we all know Google maintains pretty strict security guidelines when it comes to safeguarding their user’s data. While browsing in chrome, Google always warns it user when they encounter suspicious/harmful websites. “Your connection is not private” is one among them.

Though it warns users of websites that seem to act fishy, it is also quite frustrating when it blocks the safe websites. In case you have recently encountered such an error, we suggest you to take a look at our article to resolve the issue.

Error
Error

What is the Your Connection is Not Private Error?

You seem to come across the “your connection is not private” error when you are browsing through the sites that are trying to function over HTTPS (Hyper Text Transfer Protocol).

As most of us are aware about how a website is accessed from the server. To explain briefly, whenever the user types the URL/name of a webpage in the browser and hit enter, the browser directs a request to the server where the site is hosted.

The browser also needs to validate the certificate available on the site to make sure that the site follows the current privacy standards and is legit. Also TLS handshake, these certificates are being monitored against the certificate authority.

In case the browser verifies that the certificate isn’t legit or may cause a data breach then the browser will stop the user from accessing the web page. This particular feature is built in most browsers to safeguard their user’s privacy.

In simpler words, If the certificate doesn’t seem to be valid, then data received or sent from that particular webpage cannot be encrypted correctly which makes it unsafe for the user to access the website (especially, with login credentials or payments with or without gateways).

Therefore, the browser displays the error message “your connection is not private” and doesn’t load the requested website.

Your Connection is not Private Error Variations

When it comes to the variations which caused the error, the factors might depend on the particular web browser you are browsing through, your operating system or it might be the configuration of the certificate on the servers. Although the errors aren’t caused because of the identical reason, the troubleshooting steps always remain same.

Google Chrome

If you are using Google chrome you might have noticed that in case there occurs a problem while validating the certificate the error given below is shown along with the “your connection is not private”.

“Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards)”.

Also Google tries to specify the definite issue by listing out each. Look below to find some of the common error codes displayed in chrome browser.

1. ERR_CERT_SYMANTEC_LEGACY

2. NET::ERR_CERT_AUTHORITY_INVALID

3. NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)

4. NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM

5. NTE::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED

6. NET::ERR_CERT_DATE_INVALID

7. SSL certificate error

8. ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Mozilla Firefox

Firefox users see the error message displayed as “your connection is not secure” along with the follow content.

“The owner of domain.com has configured their website improperly. To protect your information being stolen, Firefox has not connected to this website”.

Firefox also makes sure to specify the error codes along with the message so that users can identify the exact reason for the error occurrence.

1. MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED

2. SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE

3. SEC_ERROR_EXPIRED_CERTIFICATE

4. SEC_ERROR_UNKNOWN_ISSUER

5. MOZILLA_PKIX_ERROR_MITM_DETECTED

6. ERROR_SELF_SIGNED_CERT

7. SSL_ERROR_BAD_CERT_DOMAIN

Microsoft Edge

While using Microsoft edge, the error message displayed along with “Your connection isn’t private” is

“Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards)”.

Microsoft edge also displays a series of error codes on user’s screen to specify the error cause:

1. NET::ERR_CERT_COMMON_NAME_INVALID (this occurs when the certificate does not match the domain)

2. Error Code: 0

3. DLG_FLAGS_INVALID_CA

4. DLG_FLAGS_SEC_CERT_CN_INVALID

Safari

The common browser in Mac OS or iOS is safari, the error message displayed along with “Your connection is not private” is.

“The website, may be impersonating “domain.com” to steal your personal or financial information. You should go back to previous page”.

How to Fix the Your Connection is Not Private Error

Since most of us browse through a number of sites every day it is quite common for one to come across this type of error. As mentioned earlier the error can arise due to two simple problems.

Its either from the user-side issue (Your browser, Operating system) or the other one is specific problem with the certificate on the website (Wrong domain, Not legit, not trusted by the organization). Let’s learn about both the problems in this article.

Listed Methods to Identify the Issue and Fix it

Follow the mentioned list sequentially downwards for better results.

Method 1: Try Reloading the Page

Some users might find it silly, but reloading the page can be a cure to lot of issues like connection not found, low network etc. This is why, when you encounter an error named “your connection is not private” exit your browser and re-launch the website.

This could be because the website owner is trying to reissue their own SSL certificate. Also, it could be that something went wrong with the browser.

Method 2: Manually Proceed (Unsafe)

This method is quite unsafe. It is manually proceeding with the website regardless of the error. Most of the Technicians do not encourage this method as it could lead to a huge data breach. Especially, when you are trying to input your login credentials or making a payment using your credit/debit card.

This option is only recommended when you fully understand the intentions of the browser. The very reason you came across this error is because the owner of the website is trying to steal your data that you send across the web to its server. So it is in the best interest of the user to quickly exit the webpage.

Users need to remember that if you happen to see this error displayed while you are in a public place then closing it would be the right choice.

If you still want to access the website, then you can find a button named “proceed to domain.com” under the error message. It can also be hidden based on your browser choice. So check under “Advanced” option.

Note: if you find your website to be using HSTS (HTTP Strict Transport Security) then this particular option doesn’t exist for you as they have already configured an HTTP header which makes sure non-HTTPS connections don’t get through the browser.

If you are doubtful or do not wish to manually proceed then do check the below methods to find a relevant solution.

Method 3: Are you in a Café or Airport

You might have noticed that this error message pops up more frequently when you are in places like Café or Airport. It is either due to the reason that large numbers of websites are still running over HTTPS or it might not be configured properly.

So the error stays displayed on the screen until you accept the terms and conditions of the agreement to sign in. However, if you refuse to accept the portals terms to connect to an HTTPS site, then the error message keeps coming back.

Follow the steps mentioned below:

Step 1: Access the café or airport’s Wi-Fi by connecting to its network.

Step 2: Now browser to any non-HTTPS site, like http://www.airlines.com

Step 3: As mentioned a sign-in page should be popped up by now. You need to accept the terms and then log in. The terms include a checkbox so do not worry about functioning over HTTPS. After connecting successfully, you may browse the sites you wish over HTTPS.

In case you don’t seem to access sign-in page, try typing 1.1.1.1 into your browser search bar.

We would also like to add that during public access of Wi-Fi, a VPN can be helpful in protecting you by hiding your traffic. We have listed few popularly used VPN’s:

1. Private Internet Access

2. TunnelBear

3. NordVPN

Method 4: Check your Computer’s Clock

One of the simple reasons for you to see the “Your connection is not private” error might be because of your disoriented computer clock. Most of the browsers strongly depend on the device clock to be rightly synced up so that it can verify the SSL certificate.

The disorientation of clock mostly happens if you have a purchased a new computer or laptops with Wi-Fi. It doesn’t usually sync on its own just after the first login. So follow the steps below to set the proper time on your device.

Windows

Step 1: Right click on the time option found at the bottom right corner of the taskbar.

Step 2: Choose the option “Adjust date/time”.

Step 3: Now select the option “Set time automatically” and “Set time zone automatically”. These options will automatically update the time based on one of the Microsoft’s NTP server. Now go back and check the time on task bar to verify it is correct. Else, click on the change button to manually set the time zone by yourself.

Step4: Exit the browser and re-launch it. Finally visit the website again.

Mac

Step 1: From your system’s apple menu click on “System Preferences” option.

Step 2: Tap on the Date & Time icon. In case the padlock is displayed at the bottom of the window, try to click it and enter your administrator name and password.

Step 3: Now, select “Set date & time automatically”. This will update your system time according to one of Apple’s NTP servers.

Step 4: Then select the Time Zone tab. If the location isn’t found properly then uncheck it so you can manually set it. On the map select your time zone region and city.

Step 5: Exit the browser and re-launch it. Now visit the website again.

Method 5: Try in Incognito Mode

This method is proven to be quite safe. Users can also try to browse through the internet with the help of incognito mode. This mode will make sure to protect your data and doesn’t allow any server to store it anywhere. However, you can also try different browser and see if the error “your connection is not private” still persists.

You can find Incognito mode in Google chrome with the name New incognito tab. In Mozilla Firefox incognito mode is displayed as “New private window”. Whereas in Microsoft edge, it is known as InPrivate window”.

Method 6: Clear Browser Cache and Cookies

Clearing your browser cache and cookies can resolve a large number of issues. Also it can be done easily with simple instructions. Before you run to your system manufacturer or network provider, try to clear your browser cache and cookies to solve the issue. Visit the links mentioned below to find out how to do so in different browsers.

  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#single
  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#chrome
  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#firefox
  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#ie
  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#edge
  • https://kinsta.com/knowledgebase/how-to-clear-browser-cache/#opera

Method 7: Try Clearing the SSL State on Your Computer

Although many users ignore this method, but it might be quite useful to clear the SSL state in chrome, just like you clear your browser cache and cookies. Follow the steps listed below:

Step 1: Visit the Google chrome browser and click on customize and control button found at the top right corner of the window. Choose settings from the drop down list.

Step 2: Click on the show Advanced settings.

Step 3: Under network section, choose change proxy settings and tap on it. A dialog box named Internet properties is displayed.

Step 4: Move to the content tab in the menu.

Step 5: Under certificates click on the Clear SSL state button and tap on OK button.

Step 6: Restart the chrome to see if changes have been applied.

In case you are a Mac user, visit the link: to clear your SSL state.

Method 8: Change DNS Servers

Changing the DNS servers have worked for few users. While using Google’s public DNS (8.8.8.8 and 8.8.4.4) or Cloud flare’s DNS (1.1.1.1 and 1.0.0.1) these errors have appeared often.

We recommend you to remove this and revert back to your IDP’s DNS server and check if its helpful. Since Google and Cloud flare DNS servers are used by large number of users, it might be entirely perfect.

Windows

Open your network connection properties window and choose “Obtain DNS server address automatically”. If you have used the Google’s public DNS or Cloud flare’s DNS to your router, you can also remove it from this window.

Method 9: Disable VPN and Antivirus Temporarily

The VPNs and Antivirus applications we use may contain certain inbuilt features that block or override your network settings. This includes blocking particular SSL certificates also. If you have any of the third party applications, then try disabling them or deactivating the “SSL scan” in their settings. Now check if the “your connection is not private” error has been fixed.

Method 10: Make Sure the Certificate hasn’t Expired

In most of the situations, SSL certificates might expire without notifying the owner. We have seen that even highly renowned companies can forget to renew their SSL certificates. This is quite common than we think. This mostly happens due to following reasons.

1. The owner of website might have auto-renew enabled with the domain registrar or SSL certificate provider to notify them accordingly.

2. Auto-renew might be enabled but the payment fails, this usually happens when he user has forgotten to update their current payment method. Users normally change their credit card more often than they access their own domain registrar’s dashboard for the whole year.

3. The last one might be that the website owner has been using a free Let’s Encrypt certificate. This usually expires over 90 days and they do not maintain a script to renew it.

This result in the error code: NET::ERR_CERT_DATE_INVALID.

It is a good habit to keep checking your certificate’s expiration date. This can be achieved by opening up Chrome DevTools while browsing through a site. Move to a Security tab by clicking on it and choose the “View certificate” and tap on it. The “Valid from” dates display the certificate information.

The SSL certificate of a site can also be viewed by clicking on the padlock found in the address bar. Finally click on “Certificate”.

Method 11: Check Subject Alternative Domain

Apparently, every certificate will be having a subject alternative domain. It includes the domain name variations particularly for the certificate issued and valid for. Users must keep in mind that https://domain.com and https://www.domain.com are two different domains.

Usually SSL_ERROR_BAD_CERT_DOMAIN error code stays is displayed along with the error message. If you see this, it means that the certificate is not registered properly on both variations of the domain. But this is gradually reduced due to sites working with HTTPS.

Also, this error could occur if you have changed he domain name recently. For example, you got hold a new .com address and replaced your old domain. The error named NET::ERR_CERT_COMMON_NAME_INVALID often occurs if you have not installed the SSL certificate on your new domain.

Method 12: Is the Certificate SHA-1?

Those relevant with information security will definitely know about SHA-1. SHA-1 is one of the cryptographic hash algorithm often used by SSL certificates on website. Unfortunately SHA-1 has gradually degenerated and hence is not supported by any recent web browser.

So, if the website you are trying to access still uses this old hash algorithm then the “your connection is not private” error is most likely to occur.

Here are some of the web browsers who stopped using SHA-1

1. Google Chrome stopped support for SHA-1 in chrome 56 (January 2017).

2. Mozilla Firefox announced deprecation of SHA-1 in Firefox 51 (February 2017).

3. Microsoft also announced blocking SHA-1 signed TLS certificates (January 2017).

Also, note down that most certificates now use SHA-256 has algorithms. You can verify this by looking under “Details” tab while going through a certificate on a website.

Method 13: Is the Certificate Issued by Symantec?

In January 2017, it was announced to the users that some ill practices on Symantec’s part about the process of issuing the certificates. Unfortunately they didn’t meet with the industry standard CA/browser forum baseline requirements. Also it has come to notice that the manufacturer had known about this for quite a while.

Due to this reasons, browsers decided to boycott and not to support certificates issued by Symantec. As a result, if the website you are trying to access is using a certificate issued by them then “your connection is not private” error might appear.

The timeline rolling out:

1. Google Chrome Symantec timeline

2. Mozilla Firefox Symantec timeline

3. Microsoft hasn’t published an official statement yet.

If your website seems to be using Symantec certificate then the following error code is displayed: NET::ERR_CERT_SYMANTEC_LEGACY.

Method 14: Run an SSL Server Test

SSL Server comes to rescue if the user is not entirely sure that whether he has set up everything properly on his website or other’s website. SSL/TLS certificates will request for main certificate as well as the intermediate certificates to be installed.

If the owner of the website has not installed these certificates properly then it is sure that their users get a warning error in the browser. This in turn doesn’t let them access the website. Based on the user’s browser choice and its version, the warning regarding the incorrectly setup certificate may be displayed.

There exists a free SSL check tool from Qualys SSL Labs, that users can get their hands on. It is quite dependable to verify certificates. Visit the link: and give your domain name into the Hostname field and tap on Submit button. Wait for 2-3 minutes for the page to load and display the details about the site’s SSL/TLS configuration.

Method 15: Update your Operating System

Every day we get hold of a new version of operating system, it is constantly improving and developing. Old operating systems face downfall when facing newer technologies such as TLS 1.3 and also newest cipher sites. Particular components in the latest SSL certificates will stop functioning.

For instance, in 2015 Google stopped using windows XP. So it is always advised to work with newer operating system by upgrading them timely such as Windows 10.

Always keep a check on the recent updates available in windows, Mac, Linux etc.

Method 16: Restart your Computer

If none of the above mentioned seemed to find a productive solution for you then the most simple and easier way to resolve the error is by restarting the system and also your router. Rebooting devices have proven to clear out unnecessary cache and help eradicate the error.

Method 17: Reach out For Help

Is “your connection is not private” error still lingering on your screen? Also, the above methods couldn’t solve your issue then do not panic. But contact your system manufacturer, network provider or any technical support employee who can guide you through.

Note that Google Chrome Help Forums are quite useful in finding a productive solution. Here there are users from across the world and anyone might have come across the same error and will be able to help you.

Method 18: Disable Chrome Checking SSL Certificates

Users can simply disable the chrome checking SSL certificates. We do not entirely recommend this method as it meant for testing and development purpose only. In case you aren’t fully aware of what you are doing we advise you not to follow this method.

Allow Invalid Certificates from Local host

For those testing locally, you can use the Chrome flag to let insecure connections from local host run. Go to chrome, browse by typing chrome://flags/. Now search for “insecure” in the following page. You might see the option named “Allow invalid certificates or resources loaded from local host”. Activate this option by enabling it and exit the browser. Restart the browser to see if the changes are applied thoroughly.

Disable Chrome Checking All SSL Certificates

Users may request the chrome browser to ignore all SSL certificate error by just inputting the following at the command line during launching. Windows user, you need to right click on the properties of the launcher. Now add –ignore-certificate-errors in the target field. Finally restart the chrome.

Conclusion

You have come a long way in the search of a solution for your errors. I hope you found an effective method to resolve the error “your connection is not private”. We advise you to always browse though the safer sites, do not allow the sites to access your sensitive information. Do not hastily proceed through unsafe or unverified websites.