You try to visit a website and your browser shows a scary red warning: "Your connection is not private. Attackers might be trying to steal your information."
Do not panic. This error is common and usually harmless. But sometimes it is a real security warning. This guide explains what it means and how to fix it.
What This Error Means
Your browser tried to establish a secure (HTTPS) connection but the website's SSL certificate has a problem. The browser is protecting you from potentially sending data over an insecure connection.
The error does NOT mean:
- You have been hacked
- Your computer has a virus
- Someone is watching you (usually)
It usually means:
- The website's certificate expired
- Your computer's clock is wrong
- Your WiFi network is intercepting the connection
- The website has a misconfigured certificate
Fix 1: Check Your Clock
The most common cause on personal devices. SSL certificates are time-sensitive — if your computer's clock is wrong, every certificate looks invalid.
Windows: Settings → Time & Language → toggle "Set time automatically" off and on
Mac: System Settings → General → Date & Time → toggle "Set date and time automatically"
iPhone: Settings → General → Date & Time → Set Automatically
Android: Settings → System → Date & Time → Automatic date & time
Fix 2: Try Incognito/Private Mode
Open the same URL in an incognito window (Ctrl+Shift+N in Chrome). If it works in incognito but not normal mode, a browser extension or cached data is causing the issue.
Fix: Clear your browser cache (Ctrl+Shift+Delete → Cached images and files → Delete).
Fix 3: Check Your WiFi Network
Public WiFi (coffee shops, airports, hotels) often intercepts HTTPS connections to show a login/captive portal page. This triggers the certificate error.
Fix:
- Look for a WiFi login page — try visiting
http://neverssl.com(not https) - Accept the WiFi terms/login
- The certificate error should go away
Work/school networks sometimes use a proxy that inspects HTTPS traffic. This is intentional by your IT department — they install a custom root certificate. If you are on a corporate network and get this error on every site, contact IT.
Fix 4: Disable VPN or Proxy
VPNs and proxies can interfere with SSL connections. Temporarily disable yours and try again.
If the site works without VPN, your VPN may be doing SSL inspection or its DNS is causing issues. Check with our VPN Leak Test.
Fix 5: Disable Antivirus HTTPS Scanning
Many antivirus programs (Avast, Kaspersky, Bitdefender, ESET) have "HTTPS scanning" or "SSL inspection" that inserts their own certificate into your connections. This frequently causes certificate errors.
Look for settings like:
- "HTTPS scanning" → disable
- "SSL/TLS filtering" → disable
- "Web shield" → disable HTTPS interception
Fix 6: The Certificate Actually Expired
If the website owner forgot to renew their SSL certificate, you will get this error. This is their problem, not yours.
How to check:
- Click the error details in your browser
- Look for "Certificate has expired" or the expiration date
- Check the certificate with our SSL Server Test
If the cert expired, there is nothing you can do — contact the website owner or wait for them to renew it.
Fix 7: Clear SSL State (Windows)
Windows caches SSL certificates. A stale cache can cause errors:
- Open Internet Options (search in Start menu)
- Go to Content tab
- Click Clear SSL State
- Click OK and restart browser
When It's Safe to Bypass
Safe to proceed:
- Your own website (you know the cert is valid or you are testing)
- Internal network services (like your router admin at 192.168.1.1)
- A trusted site with a recently expired certificate (like a blog)
How to bypass in Chrome: Click "Advanced" → "Proceed to [site] (unsafe)"
NEVER bypass for:
- Banking or financial sites
- Shopping sites where you enter credit card info
- Email login pages
- Any site asking for passwords or personal information
If your bank shows this error, do NOT proceed. Call them or use their app instead.
Error Messages by Browser
| Browser | Error Message |
|---|---|
| Chrome/Edge | "Your connection is not private" (NET::ERR_CERT_*) |
| Firefox | "Warning: Potential Security Risk Ahead" |
| Safari | "This Connection Is Not Private" |
| Brave | Same as Chrome |
For Website Owners
If your visitors are getting this error on YOUR site:
- Certificate expired? → Renew it:
sudo certbot renew - Wrong domain? → Get a cert that covers the correct domain
- Missing chain? → Include the intermediate certificate in your server config
- Mixed content? → Change all HTTP resource URLs to HTTPS
Test your SSL configuration with our SSL Server Test and check redirects with our HTTPS Redirect Tester.
Related Tools
- SSL Server Test — check any site's certificate
- HTTPS Redirect Tester — verify HTTPS redirects
- VPN Leak Test — check if VPN is causing the issue
- DNS Toolbox — check DNS configuration
- SSL Certificates Explained
- Fix ERR_SSL_PROTOCOL_ERROR
- How to Flush DNS Cache