Nowadays using SSL on your site is a must-have option. So, if you forgot to renew SSL or there are some problems with your SSL certificate you may see an error like this in your browser: “Your connection is not private”, “Your connection is not secure”, “This Connection Is Not Private”.
In this article, I will help you to understand what sort of the issue you have and how to fix it.
What should you do if you faced “Your connection is not private” issue?
First of all, you should check your SSL certificate. To reproduce different types of issues with SSL I will use BadSSL and show you ways to check your site.
Go to the site with the issue and open Security overview:
- – Press Ctrl+Shift+I (for Windows / Linux OS’s) or Cmd+Opt+I (Mac OS).
- – If DevTools window is already open, please choose the Security tab from tab list.
Next press View certificate button to see your certificate information.
In this example, you can see that certificate has been expired and you need to renew it to fix this problem with an expired certificate and get rid of “Your connection is not private” notification.
To check your SSL certificate in Firefox, press Advanced button and you will see info regarding your issue:
You should have to install curl on your machine before proceeding. First of all, open your terminal or cmd and execute the following command:
curl -vvI https://expired.badssl.com/
The output of the curl command will give you the information regarding your certificate.
* Trying 184.108.40.206...
* TCP_NODELAY set
* Connected to expired.badssl.com (220.127.116.11) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* SSL certificate problem: certificate has expired
* stopped the pause stream!
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
Another good option to check your SSL is SSL Labs tool. Because it may show you issues that are not displayed in your browser, for example, Incomplete Chain.
Top reasons of SSL issues
Expired SSL Certificate
Requests to our support system show that absolute champion of the problem is Expired SSL certificate. Due to, customers usually ignores email notifications from SSL issuer that their certificate will be expired soon and it is time to renew it, even if they have the auto-renew option they fail to renew it on the server.
Indeed, users that are using our proactive server management do not have such issues, because our monitoring system detects expired or problematic SSL certificate and our guys will renew it and fix issues.
Mixed Content is our next one leader from the top of the problems. This issue means that you have some external scripts or requests that are going to resource that has no SSL certificate or it has issues.
Finally, if you have some issues with your certificate chain you will see following error in SSL Labs test
This problem means that you did not install your certificate properly, not all users will have issues when visiting your site however, you should consider fixing it by uploading intermediate certificates to the cert chain on your server.