The browser writes an unsecured connection. Fixing the “Your connection is not secure” error in Firefox

Typically, the “Your connection is not secure” error appears in browsers built on the Chromium engine. That is, you can try to apply the following methods not only in Chrome, but also in Opera, Vivaldi, Yandex.Browser, Amigo, Sputnik and some others.

How to identify and eliminate the cause

1. Check which side the problem is on

First of all, you need to check the availability of the site, when you access it an error appears. This will make sure that the problem is really on your side. To do this, you can try to access this resource from another device or through a different connection.

You can also use whois services (for example, 2ip.ru), which allow you to check the availability of any website in your country for free. If a resource is blocked in Russia, then to access it you will need to resort to VPN services, special extensions or.

2. Set the system time

The latest versions of modern ones have already learned to recognize a system time failure, informing the user that the clock is behind or in a hurry. And yet, in cases with older PCs, it is a significant difference between the system and real time that can cause an error to appear about the insecurity of your connection.

In such a situation, the browser is limited by the validity period of the SSL certificate, which, if the time is incorrect, can be considered invalid. Accordingly, the connection via the HTTPS protocol is not secure, and it is recommended to block it, protecting the user from possible risk. The solution is to simply adjust the date and time on your device.

3. Fix browser problems

Before you start troubleshooting Chrome, update your operating system and the browser itself to the latest version. Only after this can you proceed to the next steps.

Check the impact of extensions

Disable all extensions to see if this is the problem. You can access extensions in Chrome through “More tools” in the settings. Disabling is carried out by simply switching the toggle switches.

If the error stops appearing, all that remains is to find the culprit. Enable the installed extensions one by one and check the accessibility of the problematic site after each one.

Clear cache and cookies

If disabling extensions does not help, you need to clean your browser as well. To do this, you can use the combination Ctrl + Shift + Del, which brings up the cache and temporary files menu, or access the same options through the settings.

To do this in Chrome, in the drop-down menu on the right, go to the “Additional tools” section and click on “Delete browsing data.” In the window that opens, select “Cookies and other site data” and “Images and other cached files.” Delete your data.

Restore your browser settings

A simple reset of your browser settings to default may also help. In desktop Chrome, this can be done in the advanced settings section by selecting “Restore default settings” at the very bottom of the page.

Reinstall your browser

Reinstalling your web browser and first uninstalling the old version may also solve the problem. In order not to start everything from scratch, do not forget to save the pages you need in your bookmarks.

4. Check the influence of your antivirus or firewall

Some antiviruses and firewalls have a built-in function to protect network connections using the HTTPS protocol. It may conflict with an identical browser function, resulting in an error. To check the impact of such programs, simply disable them and try opening the problematic site again. If this is successful, then in the anti-virus software you can add the desired site to the list of exceptions.

It is worth disabling or limiting the activity of the antivirus for the sake of one site only in cases where you are completely confident that there are no risks.

What to do if the cause cannot be eliminated

If none of the methods help solve the problem, you can access the site by stepping over the message about an unsecure connection. To do this, in the error window, you need to click on “Advanced” and then “Go to the site (unsafe)”, if such a link is available.

Another common problem in the Mozilla Firefox browser: Your connection is not secure when trying to open any secure site (using the secure https protocol).

Image 1. Message when trying to open a protected site. The browser does not know at what stage the secure connection is violated and claims the problem is on the site.

Symptoms of the problem:

• The problem only exists in the Mozilla Firefox browser
• Regular sites open (http://www.akorda.kz/ru), but protected ones (https://www.google.com) give an error

ATTENTION:

If the error Your connection is not secure appears on all browsers, check that the date/time on your PC is correct.

If this error occurs only on a specific site that you need access to, run -.

The most common culprit for this problem is the installed Kaspersky antivirus, but it could also be another antivirus or software.

The cause of the problem is an attempt to control https-protected traffic by antivirus components (for example: Parental Control) and the implementation of this by substituting the antivirus certificate.

The use of https by sites (all sites of the project site use https) protects users from address spoofing and protection from interception of connections between the computer and the site the user is accessing.

Such a certificate (SSL) is issued to the site by a special certification authority, a list of which is stored in your browser.

When connecting, it is verified that the site has an SSL certificate, it was issued by a trusted certificate authority, the connection occurs without outside interference, and only in this case a connection to the site is established.

If tampering is detected and an attempt to spoof the SSL certificate is detected, the user receives a message about an unsecured connection.

To control secure connections, antiviruses (or other software) use the substitution of site certificates with their own. To ensure that the substitution is successful, the antivirus, upon initial installation, places its certificates in the system’s trusted certification authorities storage.

The problem discussed in the article arises because the Mozilla Firefox browser uses its own personal certificate store, which the antivirus does not have access to, so the browser shows detection of substitution of the site’s SSL certificate.

There are two possible solutions to the problem:

1. Disable https traffic control;
2. Adding an antivirus certificate to the list of trusted certification authorities in the Mozilla Firefox browser.

The first option is possible, but undesirable. Not only “good” sites can have SSL certificates. By disabling scanning of secure connections, you potentially reduce your security and the capabilities of your antivirus.

Please note that this will only slightly reduce your security at this time.

The second option is more preferable and correct. Add the antivirus certificate to the list of trusted centers in the Mozilla Firefox browser.

This method is shown in the video tutorial:

Video tutorial: Installing a Kaspersky certificate in Mozilla Firefox

By the way: most antiviruses have standard instructions for manually adding a certificate. But using Kaspersky as an example, the instructions are not relevant for all products of this company.

From the author:

If this article helped you and you would like to say “Thank you” - read

In order to fully use the Internet, you need a high-quality connection. But for users of the FireFox web browser, sometimes all their work is ruined by an unexpected notification that “your connection is not secure.” Why does this error appear, and what to do if it does occur?

Most often, such a notification is activated during the transition to protected resources that have a security certificate. Such sites, when interacting with Mozilla, use a special encryption method - #encryption. This is necessary to prevent fraudsters from intercepting sent data.

In order to recognize that the transition is being made to just such a resource, look carefully at the address line of the page. In the status line of the protected site, a special icon is displayed - a closed padlock. You can also see it in the address bar.

When there is a certificate, but the browser cannot verify it, an alert appears indicating that the connection is not secure. The resource does not necessarily harm your computer, Mozilla simply warns you in advance about the possible danger.

Deactivating the “Your connection is not secure” alert

There are several reasons why a “failure” may occur. It is worth dwelling on each separately.

Disable SSL certificate verification

Quite often, the error about an insecure Kaspersky Firefox connection appears due to the fact that antivirus programs first scan sites and only then load them in the browser. A conflict occurs that leads to such difficulties. To eliminate it, you need to deactivate HTTPS protocol scanning in the antivirus program options.

• Kaspersky (KIS / KAV) – Settings/Advanced/Network/check “Do not scan connections (encrypted)”;
• Avast – Settings/Active protection/Web shield/disable the “Enable HTTPS scanning” function;
• Eset NOD – “SSL / TLS” is disabled in the parameters. All changes must be saved by clicking “OK”.

Checking date and time

It is important to see if the time is set correctly in Windows 10. You can do this like this:

• go to Windows settings through the special “Start” menu;

• You can press the combination Win + I;
• in the “Time and Language” section, check the correctness of the information;

• Look carefully at the “Change” button; if it is inactive, then you need to deactivate auto-tuning.

Clearing storage

If the above options do not help, a notification appears that the connection is still not secure, you need to use another option - delete the certification file. There is a chance that it got corrupted, so the browser will rebuild it, getting rid of the error.

• In the Firefox address bar we write

• Click “Open folder” located next to the inscription: “Profile folder”;

• A list of files will appear, here we delete the element - cert8.db;

• Restart the browser and re-enter the previously blocked source.

Adding a resource to the “white list”

If you completely trust the site, are 100% sure of its reliability, you can add it to the exclusion list, and the notification will no longer bother you. You can do it like this:

• in the lock window, click “Advanced”;

• Below is a description of the problem and a button to add to exceptions;

• confirm your intentions by clicking on the appropriate element in the window.

That's probably all. Now you know how to get rid of the error indicating that your Internet connection is not secure.

Nowadays it is quite difficult to find a person who does not use the Internet.

Many users spend quite a lot of time in its open spaces. Therefore, a high-quality connection is in demand more than ever.

But what to do if all plans are disrupted by a suddenly appearing warning? your connection is not secure.

In this article, we will look at why this error occurs in different browsers and what you should do if it occurs.

First of all, let's look at the occurrence of this problem when using the FireFox Internet browser.

The meaning of such a message

Often this message occurs when visiting secure sites. Such sites, when interacting with the FireFox browser, use a special encryption method - #encryption. This is done in order to prevent attackers from viewing the transmitted information.

To understand that you are visiting exactly such a site, pay attention to the line displaying the address of the page you are visiting. In the status line ( #status_Bar) secure site will display a closed padlock icon. It will also appear in the address bar ( #location_bar).

In addition, the browser will also display the site's domain name in the status bar, highlighted in yellow. This is necessary to ensure that the user cannot be misled in order to steal personal data.

Such sites can contain not only protected information, but also unprotected information, to which everyone has free access.

If the site's information is unprotected, FireFox will display a padlock icon with a slash through it in the status bar. There will also be no domain name in the address bar and status bar. If you pay attention to such information, you will immediately be able to understand that the site you are visiting is partially protected.

So, if FireFox connects to a secure site, it first of all checks the certificate provided by the site. The connection will only continue if it is valid at the moment and if the level of encryption available is capable of protecting your personal data.

If it is impossible to verify the certificate provided by the site, or the level of encryption does not allow the necessary protection of the user’s personal information, the connection session will be automatically terminated.

In this case, you will see a message about the problem that has arisen.

It will look like shown in the picture.

The message displayed by the browser indicates that this site does not have the necessary settings to protect your information from theft. Therefore, FireFox terminates the connection to it.

What to do when such a message appears?

If you encounter a similar error- try, if possible, to get in touch with the site owners and inform them about the problem that has arisen.

Until everything on the site is corrected, try not to visit it again.

All you can do in this case is to go to another site or simply close the connection page with an unsecured site.

Do not try again and again to connect to a site that is not properly configured, as this will leave you vulnerable and risk being intercepted by scammers.

To get information about why the site you are visiting does not have a secure connection, use the “Advanced” button located in the information window.

Below will be described most common mistakes, helping to terminate the connection with the requested site.

Error one

This error is due to the fact that the certificate the site has will not be valid until a certain date.

In this case, you will receive information about the date and see the error code itself.

This means that the date on your computer is incorrectly configured.

To solve this problem, open the date and time settings tab and make the necessary adjustments.

Second common mistake

It occurs when the identification certificate of a particular site has already expired.

The information message will display the current date and time set on your computer.

If the problem is due to their incorrect settings, open the date and time settings and make the necessary adjustments.

Third mistake

Also common is the lack of trust in the provided certificate due to the presence of an unknown certificate chain.

This problem most often occurs due to the activation of SSL scanning in the antivirus program installed on the computer.

To solve this problem, you will need to reinstall the antivirus or disable the interception of secure connections in its settings.

For example, if you use the Avast antivirus program to protect your system, open “Settings” and go to the “Active Protection” tab.

There you will need to click on the “Configure” button located next to the web shield.

In the window that opens, uncheck the “Enable HTTPS scanning” line. Finally, you need to confirm the changes made in the settings by clicking on the “Ok” button.

If you use a product like Kaspersky - you will need to do the following:

• open a window with antivirus settings;
• in the lower left part of this window, click on the “Settings” button;
• use the “Advanced” item to go to the “Network” tab;
• deselect the “Scan encrypted connections” menu bar;
• check the box next to “Do not scan encrypted connections”;
• Confirm the changes by clicking the “Ok” button.

It is not difficult to find the necessary information for other antivirus products on the Internet.

Your browser may display a lack of trust in the certificate not only on little-known sites, but also on such giants as YouTube and Google. Most often, owners of the Windows 10 operating system may encounter this. This is due to the fact that Microsoft family settings located in user accounts are activated.

To get rid of this problem, you will need to go to the following page: account.microsoft.com/family. Next, you need to log in using a Microsoft account.

The next step is to remove all existing family members using the Remove from Family option in the advanced options tab.

In conclusion, you should leave the family yourself, using the option of the same name.

Fourth mistake

It consists in the lack of trust in the certificate, since the latter is self-signed.

These types of certificates are designed to protect against eavesdropping, but do not provide any information about the recipient.

Most often, non-public sites use this, so you can easily bypass this warning.

Fifth mistake

The problem is that the certificate provided to you belongs to a completely different Internet resource.

This problem occurs quite often and primarily due to the fact that the issued certificate is valid for one part of the site being visited.

In this case, without opening FireFox, delete the above file so that the next time you start the browser, it will be restored.

To do this, follow these steps:

• open the menu and select “Help”;
• go to the “Problem Solving Information” tab;
• open the profile folder located in the “Application Information” section;
• open the menu again and select “Exit”;
• select the file db and remove it;
• restart your browser.

When can warnings be ignored?

This option is suitable if you are confident in the reliability of the resource.

However, even in this case, you are not immune from eavesdropping and interception of confidential data by third parties.

If you still decide to ignore the warning that appears, follow a few simple steps.

On a page with such a warning, use the “Advanced” button.

If your browser connects to a site with weak encryption, download it using an outdated security system. You will be given the opportunity to download this. In the case of a resource whose certificate is unverified, add it to the exceptions.

Possibility of error reporting

There are quite a large number of sites on the Internet that allow the FireFox browser to report an error to its center.

To do this, check the box on the issue page at the bottom, opposite the line “Report errors like this to help Mozilla and block malicious sites.”

A warning about an unsecured connection appears in the browserChrome

Problems with certificates of certain sites opened by the Chrome browser are identical to those with FireFox and can be solved using similar methods.

The reasons for their occurrence also include:

• incorrect system time setting;
• the presence of an unverified certificate or one with an expired validity period;
• installed extensions that block;
• Chrome browser malfunction.

In the first case, to resolve the error, you will need to adjust the system date and time so that they match those installed on the server. To do this, open the time and date settings tab and adjust them.

Warnings due to an unverified or outdated certificate most often occur when you try to log into your personal account on a particular resource.

To get around this, click on the “Advanced” tab in the error display window, and then use the “Go to site” button.

Blocking extensions are largely related to the antivirus program installed on the computer.

In order to correct this situation, you will need to open the Chrome browser and go to the installed extensions tab.

From the list of available ones, select your antivirus software modules and uncheck them.

After that, re-open your browser and try to access the site.

A similar error may also occur due to a malfunction in Chrome. A simple reinstallation of the browser can correct the situation.

To remove the faulty version, open the Programs and Features window, select the name of the installed browser and click the Remove button.

After the application is removed, reboot your computer and install Google Chrome again.

In most cases, the warning about an unsecured connection stops bothering you.

Conclusion

This article has come to an end, in which we examined options for the appearance of a warning about the presence of an unsecured connection.

We hope that the available information will be useful to you and will help you solve this error.

Your connection is not secure, how to fix it:

Ọnwebeghị onye nyere aka tụgharịa asụsụ edemede a. Ọ bụrụ na ị marala otu ịtụgharị asụsụ maka SUMO si arụ ọrụ, bido ịtụgharị asụsụ ugbu a . Ọ bụrụ na ị chọrọ ịmụta otu esi atụgharị edemede maka SUMO, biko bido ebe a .

When Firefox connects to a secure website (the URL begins with "http s://"), it must verify that the certificate presented by the website is valid and that the encryption is strong enough to adequately protect your privacy. If it is unable to verify this, Firefox stops connecting to the site and will show you an error page with the message, Your connection is not secure .

Click the Advanced button to view the error code and other information about the error. Common errors are described in this article.

• If Firefox shows you a Secure Connection Failed or Did Not Connect: Potential Security Issue error page instead, see this article.

Table of Contents

What to do if you see these errors?

If you see a Warning: Potential Security Risk Ahead message, you may:

• Contact the website owner and ask them to correct their certificate.
• Click Go Back (Recommended) , or visit a different website.
• If you are on a corporate network or using antivirus software, reach out to the support teams for assistance.

After viewing the error code and other information about the error, click the Accept the Risk and Continue button to load the site at your own risk. This will add a security exception for the website certificate.

Warning! Do not proceed to the website unless you understand the reasons for the security warning. Legitimate public sites will not require you to add a security exception for their certificate. An invalid certificate can be an indication of a web page that will defraud you or steal your identity.

MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED

This error indicates that the website"s certificate has not complied with security policies in Mozilla"s CA Certificate Program. Most browsers, not just Firefox, do not trust certificates by GeoTrust, RapidSSL, Symantec, Thawte, and VeriSign because these certificate authorities failed to follow security practices in the past.

The owners of the website need to work with their certificate authority to correct the policy problem. Mozilla's CA Certificate Program publishes a list of upcoming policy actions affecting certificate authorities which contains details that might be useful to the website owners.

For more information, see the Mozilla Security Blog post, Distrust of Symantec TLS Certificates.

SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE

date (...)

SEC_ERROR_EXPIRED_CERTIFICATE

The certificate expired on date (...)
This error occurs when a website's identity certification has expired.

The error text will also show the current date and time of your system. In case this is incorrect, set your system clock to today"s date and time (double-click the clock icon on the Windows Taskbar) in order to fix the problem. More details about this are available in the support article How to troubleshoot time related errors on secure websites.

SEC_ERROR_UNKNOWN_ISSUER

MOZILLA_PKIX_ERROR_MITM_DETECTED

The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.

man-in-the-middle attack is detected.

ERROR_SELF_SIGNED_CERT

The certificate is not trusted because it is self-signed.

How to troubleshoot security error codes on secure websites.

SSL_ERROR_BAD_CERT_DOMAIN

Firefox does not trust this site because it uses a certificate that is not valid for that particular site. Information sent over this site could be at risk, so the best thing for you to do is contact the website owners to correct the problem.

SEC_ERROR_OCSP_INVALID_SIGNING_CERT

The site is not configured correctly and failed a security check. If you visit this site, attackers could try to steal your private information, like passwords, emails, or credit card details.

The issue is with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem.

Corrupted certificate store

You may also see certificate error messages when the file in your profile folder that stores your certificates cert9.db has become corrupted. Try to delete this file while Firefox is closed to regenerate it:

Note:

Note: cert9.db will be recreated when you restart Firefox. This is normal.

What to do if you see this error?

If you encounter a "Your connection is not secure" error, you should contact the owners of the website, if possible, and inform them of the error. It is recommended that you wait for the website to be fixed before using it. The safest thing to do is to click Go Back , or to visit a different website. Unless you know and understand the technical reason why the website presented incorrect identification, and are willing to risk communicating over a connection that could be vulnerable to an eavesdropper, you should not proceed to the website.

Technical information

Click on Advanced for more information on why the connection is not secure. Some common errors are described below:

Certificate does not come from a trusted source

The certificate does not come from a trusted source.

Error code: MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED

The certificate will not be valid until (date)

The certificate will not be valid until date (...)

Error code: SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE

The error text will also show the current date and time of your system. In case this is incorrect, set your system clock to today"s date and time (double-click the clock icon on the Windows Taskbar) in order to fix the problem. More details about this are available in the support article How to troubleshoot time related errors on secure websites.

The certificate expired on (date)

The certificate expired on date (...)

Error code: SEC_ERROR_EXPIRED_CERTIFICATE

This error occurs when a website's identity certification has expired.

The error text will also show the current date and time of your system. In case this is incorrect, set your system clock to today"s date and time (double-click the clock icon on the Windows Taskbar) in order to fix the problem. More details about this are available in the support article How to troubleshoot time related errors on secure websites.

The certificate is not trusted because the issuer certificate is unknown

The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.

Error code: SEC_ERROR_UNKNOWN_ISSUER

The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.

Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED

MOZILLA_PKIX_ERROR_MITM_DETECTED is a special case of the SEC_ERROR_UNKNOWN_ISSUER error code when a man-in-the-middle attack is detected.

You may have enabled SSL scanning in your security software such as Avast, Bitdefender, ESET or Kaspersky. Try to disable this option. More details are available in the support article How to troubleshoot security error codes on secure websites.

You may also see this error message on major sites like Google, Facebook, YouTube and others on Windows in user accounts protected by Microsoft family settings. To turn these settings off for a particular user, see the Microsoft support article How do I turn off family features? .

The certificate is not trusted because it is self-signed

The certificate is not trusted because it is self-signed.

Error code: ERROR_SELF_SIGNED_CERT

Self-signed certificates make your data safe from eavesdroppers, but say nothing about who the recipient of the data is. This is common for intranet websites that aren't available publicly and you may bypass the warning for such sites. More details are available in the support article How to troubleshoot security error codes on secure websites.

The certificate is only valid for (site name)

example. com uses an invalid security certificate.

The certificate is only valid for the following names: www.example. com, *.example. com

Error code: SSL_ERROR_BAD_CERT_DOMAIN

This error is telling you that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers, the recipient may not be who you think it is.

A common situation is when the certificate is actually for a different part of the same site. For example, you may have visited https://example.com, but the certificate is for https:// www. example.com. In this case, if you access https:// www. example.com directly, you should not receive the warning.

Corrupted certificate store

You may also see certificate error messages when the file in your profile folder that stores your certificates ( cert8.dbcert9.db) has become corrupted. Try to delete this file while Firefox is closed to regenerate it:

Note: You should only perform these steps as a last resort, after all other troubleshooting steps have failed.

Note: cert8.dbcert9.db will be recreated when you restart Firefox. This is normal.

Bypassing the warning

Note: Some security warnings cannot be bypassed.

You should only bypass the warning if you"re confident in both the identity of the website and the integrity of your connection - even if you trust the site, someone could be tampering with your connection. Data you enter into a site over a weakly encrypted connection can be vulnerable to eavesdroppers as well.

In order to bypass the warning page, click Advanced :

• On sites with a weak encryption you will then be shown an option to load the site using outdated security.
• On sites where the certificate cannot be validated, you might be given the option to add an exception.

Legitimate public sites will not ask you to add an exception for their certificate - in this case an invalid certificate can be an indication of a web page that will defraud you or steal your identity.