Sometimes we see the error “The connection is not private” when entering web pages with a Chrome, Edge or Firefox browser and we do not know what it is. Now we will explain the cause of the problem and the best solution depending on its origin.
To solve the error “The connection is not private” we must understand its bases: most web pages send the information encrypted thanks to HTTPS (HTTP with TLS / SSL channel) using a digital certificate that confirms your identity.
About: blank: what it is and what it is for in Chrome
We will see a message of “The connection is not private” (and perhaps “SSL certificate error)” when any of these elements fail, and the solution depends on the browser, the web page itself or even the Internet connection.
Depending on the browser we use, the text of the message may vary , some common options are:
Warning: potential security risk below
Firefox has detected a possible security threat and has not loaded www.EXAMPLE.com. If you visit this site, attackers could try to steal information such as your passwords, emails, or credit card details.
Your connection is not private
Attackers may be trying to steal your information from www.EXAMPLE.com (for example, passwords, messages, or credit cards).
The connection is not private
Attackers may be trying to steal your information from www.EXAMPLE.com (for example, passwords, messages, or credit cards). More information
To solve this problem there are different approaches, and we are going to cover from the most common to the less frequent. Warning, yes, that there is not always a satisfactory solution to this situation.
Refresh the page
We may have already tried it, but in computing many times the solution is to try again. The failure of “The connection is not private” perhaps comes out simply because the web has not responded at any given time, due to a failure of Internet access or of our device.
So the first step in pressing the update or refresh button of Chrome, Firefox or Edge before considering another more complex solution, because perhaps everything is working correctly and it is a one-off incident.
Check the team clock
In many cases, SSL and TSL certificates fail due to the wrong time and date , as they expire, so time is a key aspect. The “The connection is not private” error is sometimes caused by this.
When the clock is not right on the device, they can tell us:
NET :: ERR_CERT_DATE_INVALID
It is best to have the clock synchronized from the Internet , in this way we will always achieve maximum precision and rule out problems of this type.
We can activate the automatic clock in Windows 10 from this route:
Settings -> Time and language -> Adjust automatically
On the other hand, in macOS the automatic clock is activated in the following menu:
System Preferences -> Date and Time -> Set Automatically
We have already explained how to change the time in iOS , with respect to Android the settings change depending on the manufacturer, in general they are easy to locate.
To set the Android automatic clock, the route is usually similar to this:
Settings -> System -> Date and time -> Use network time
Issues with expired, old, or insecure certificates
Any online service needs an SSL / TSL certificate to function safely, which are issued by companies called certificate authorities. The browsers have a list of trusted certificates , because sometimes some are no longer reliable after airing.
This is how a secure website with a valid certificate is displayed in Chrome :
Padlock icon (address bar) -> The connection is secure -> The certificate is valid
And this would be the appearance of an insecure website in Chrome with some certificate problem:
Warning icon (address bar) -> Not secure -> The connection to this website is not secure
The problems with the certificates that the browser does not accept cannot be solved by the user, the only option is to enter the site anyway, accepting the risk. It is not the perfect solution, but there is no other possibility within our reach.
A significant number of certificates from Symantec, GeoTrust, Thawte, and RapidSSL have been revoked in Chrome , after Google found irregularities in the operation of Symantec. This occurred in 2017, so the sites that are still affected today are likely semi-abandoned by their owners.
The browser message in these cases is usually:
Also, as of 2017, browsers do not trust SHA-1 certificates , since since 2005 it is considered that they are not strong enough to resist attacks of a certain level.
The error is usually like this:
NET :: ERR_CERT_WEAK_SIGNATURE_ALGORITHM
In September 2021, the Let’s Encrypt DST Root CA X3 certificate expired , which was used in some old and popular devices: PS3, PS4 or Nintendo 3DS consoles, mobiles with Android 2.3.6 or iOS 9 and computers with Windows XP SP3 or macOS 10.12. In some cases, it is possible to update your operating system to fix the incident.
In conclusion, if we use consoles or retro computing it is normal to find expired certificates , and also if we visit old websites whose managers do not update.
The notice in these cases will be:
In these cases, going ahead is reasonable, always avoiding entering sensitive information, and being aware that if we enter a password to log in, it will not be safe.
Finally, some public administrations use their own certificates , which are not considered safe by browsers. The messages that appear are:
NET :: ERR_CERT_AUTHORITY_INVALID
However, it is important to note that this error also comes up with other self-signed certificates , which any user can create. Therefore, if we are not sure that the web is 100% reliable, we should not trust it.
In the end, it is still like the digital certificate of the administrations, where the citizen can sign any document prepared by himself.
Access the web anyway
Actually, the message “The connection is not private” is just a warning, so a solution is to enter anyway if we are willing to take a certain risk at the level of privacy and security.
Of course, we must avoid it when we are going to provide personal data, payment or passwords on that site, since this sensitive information should always be transmitted encrypted and protected.
- In the “The connection is not private” window, click on the “Advanced configuration” box that appears at the bottom left:
- We will click on “Access [EXAMPLE.com] (not secure site)” that appears at the bottom of the page:
- In this way, it will allow us to browse the page normally , although the data received or sent could be intercepted.
Non-private connection on public WiFi
Sometimes the notice of “The connection is not private” appears when using a public WiFi in a cafeteria, library, hotel, airport, etc. Either because the network doesn’t really meet modern security requirements , or because we need to log in.
We have to open the browser and start the WiFi session , which changes depending on each place: sometimes you just have to accept the conditions, you can also ask us for an email or the personal password that they have given us at reception.
It is possible that, once we log in, the navigation becomes encrypted , and the browser warning no longer appears again, in this way we will have managed to solve the issue.
Change DNS and disable VPN
DNS servers (Domain Name Server) are responsible for translating web addresses (type elgrupoinformatico.com) to the IP addresses used by computers (type 220.127.116.11), so they are a basic element of the Internet.
Therefore, a problem with the DNS can lead to the error “The connection is not private” , and changing them to different ones is a potential solution, or at least rules out a possible cause.
In our list of the best DNS to use we indicate some very good alternatives and we explain how to change them in different operating systems.
Finally, if we use a VPN server to navigate, it is very idea to disable it, as it acts as a bridge between our Internet connection and the sites we visit. Therefore, a VPN introduces errors beyond our control , so we must disable the program.
If our computer is managed by another person or accessed through an internal network (companies, universities and other organizations) the error of “The connection is not private” in specific cases could be due to a restriction. If none of the above steps have worked, it is worth asking your systems administrator.
In summary, in many cases it is easy to fix the error “The connection is not private” in Chrome, Firefox and Edge. When there is no solution, we can assess whether to skip the warning, always understanding that there is a risk of someone accessing the transmitted data or passwords