We all know this message can be confusing and concerning. Usually, the issue involves a problem with the website’s SSL certificate or the web browser. Fortunately, it’s a relatively easy fix.
In essence, you get the error message when the site you’re trying to open claims to comply with the HTTPS protocol, but it’s either using an invalid SSL or not providing one at all. If the browser can’t verify the certificate, it won’t load the site and give this message instead.
What is a secure connection?
A secure connection uses HTTPS and not HTTP. The presence of an SSL certificate is symbolized by a padlock icon next to the URL. While HTTPS has many security advantages, it comes with very stringent compliance requirements. Having a valid SSL certificate is one of them.
The error message differs slightly depending on the browser, but it mentions secure connections in each case.
Common causes of the error
Typically, the error is either due to problems with the web browser or to issues with the site or system configuration. If you get the error when you’re using Chrome but not Firefox, for example, the cause is browser-based. If it appears regardless of what browser you use, the issue is with the site or your computer.
A widespread problem with websites is the lack of an SSL certificate. Visiting or maintaining a site that can’t provide a secure connection is not advisable. What’s more, SSL certificates are easy and inexpensive to obtain. They are typically offered as part of most standard hosting service packages.
Outdated SSL cache
If that’s not the reason, it could be an outdated SSL cache in the browser. Web browsers store data in a cache, and SSL certificates are a form of data. This is to make browsing faster. If your browser fails to load a new SSL certificate, loading the older, cached one instead, you’ll get the error message.
Misconfigured browser extension
A poorly configured or misconfigured browser extension can make it hard to verify certificates. Usually, this is due to a coding error.
Incorrect date and time
If your time and date are wrong, it will be difficult to authenticate the SSL certificate. Fortunately, the solution is straightforward.
Overactive antivirus software
Overaggressive antivirus software can generate this message when scanning your connections in real-time.
Finally, the SSL certificate might have expired or be otherwise invalid.
Troubleshooting
To fix the problem, start by creating a root certificate. This makes signing further certificates possible for your domains. Open the Terminal app on your desktop and type in openssl genrsa -des3 -out rootCA.key 2048. This will create a key named rootCA.key. It is used to create the root certificate. Remember the password you enter as you’ll need to enter it again when you create certificates.
The next step is creating the certificate itself. The corresponding command is openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem.
Your OS needs to trust the certificate for it to work. This will save a lot of time in the future because the OS will trust any certificates you create by default.
Generate a configuration file that hosts the OpenSSL settings you would like to use moving forward and create a key to sign your domain SSL certificate.
The last step is creating an SSL certificate for localhost. The command generates server.crt, a certificate file. Finally, copy this file and the server.key to the MAMP installation folder. Launching HTTPS on your site is now possible without getting the error message.
