- When Chrome says a website is not secured, but the certificate is valid, that website may have mixed HTTPS and HTTP content.
- You can change the Internet connection settings to see if the problem is resolved.
- Another way to fix this issue is to clear the browser cache or contact the website administrator.
When you’re trying to access a website and Google Chrome says the certificate is not secure, but you know the certificate is valid, it’s warning you that the webpage you are on has a mixture of HTTP and HTTP resources.
Chances are your connection is not secure in Chrome. We’ve put together methods that will help you solve the problem.
A website certificate is vital. The website’s server uses the HTTPS certificate to prove the website’s identity to web browsers like Chrome.
This is crucial since anyone can create a certificate claiming to be valid. Chrome requires websites to use certificates from trusted organizations.
Before we begin troubleshooting and resolving the issue, we suggest that you view the required URL with a more trustworthy and end-to-end security browser.
Try the Opera browser as a fast workaround for more information about a site’s security certificate. It will tell you who issued the certificate, what sort of certificate it is, and whether the issuer is well-known and legitimate. You may set Opera to notify you about public sites that use certificates issued by local vendors if you believe this might be the problem.
Why does Chrome say that the certificate is not secure?
The not secure warning you encounter on a webpage means the website does not provide an encrypted connection.
Here are some common Chrome errors you might encounter when using the web browser and what they mean.
- This webpage has a redirect loop or ERR_TOO_MANY_REDIRECTS – The webpage you’re trying to access has too many redirects; probably because the cookies are not working correctly
- This webpage is not available or ERR_SSL_VERSION_OR_CIPHER_MISMATCH – The website you’re visiting has an outdated security code, and Chrome blocks the connection
- Connect to a network – You have to sign in before using your Wi-Fi portal and connect to the website
- ERR_SSL_WEAK_EPHEMERAL_DH_KEY – The website to which you’re trying to connect has an outdated security code
- Delete Expired DigiCert Certificate (Mac computers only) – The webpage uses a certificate that isn’t set upright on your computer
- This site can’t provide a secure connection; network error sent an invalid response or ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION – If the page had a problem which Chrome couldn’t understand, you’d see this error; the solution is to contact the website owner
Sometimes, third-party software on your PC is stopping Chrome from safely connecting to the web.
This error only occurs on Windows OS, and most likely, the culprit is the Superfish software on your computer.
You can remove it by downloading the SuperFish removal tool and following the installation instructions.
What can I do when Chrome says the certificate is not secure?
1. Clear Chrome’s cache and cookies
- Open the Chrome browser on your PC.
- At the top right, click on More.
- Click on More tools and then select Clear browsing data.
- Select the Advanced tab.
- Choose a time frame, such as Last hour or All time.
- Ensure that you check Cookies and other site data and Cached images and files box.
- Click on Clear data.
- Reload the website.
Browsers store local copies on your computer data so that they don’t have to load the website from scratch every time you visit a website.
Clearing Chrome’s cache and cookies will help the website load from scratch with updated information and might help validate the website’s security certificate.
2. Flush your DNS records on Windows
- Press Win + R simultaneously to open the Run console.
- Type cmd and then press Enter.
- In the command prompt window, type the following command:
- Press Enter to clear the DNS.
- You’ll receive a message showing the successful clearance of the DNS records.
Sometimes a DNS cache may become corrupted because of a technical glitch on the website’s administrative side.
It can also become corrupted because of DNS poisoning. DNS poisoning is when unauthorized domain names or IP addresses are inserted into the cache.
Flushing the DNS will clear any IP address or DNS records in your system’s cache. It helps to resolve connectivity and Internet security issues.
3. Use the Chrome DevTools
- On the non-secure web page, press Ctrl + Shift + I to open Chrome DevTools. You can also right-click anywhere on the page and click inspect.
- Once DevTools is open, click on Security.
- Reload the page from the Security tab to see what’s causing the non-secure error.
- If the non-secure error is caused by mixed content resources, Google will show you that too.
- Click on View # requests in Network Panel.
- You will see if unsecured images cause the non-secure connection.
This usually happens when the website administrator hosts images on a secondary domain and that domain uses the http:// connection.
However, Chrome will show you if the website has an expired, missing, or invalid SSL certificate. Click on view certificate, and you will find all the details regarding the website’s certificate.
How do I fix the site’s security certificate that is not trusted for Mac?
1. Delete problematic certificates
- Open the Keychain Access app from the Utilities.
- Select the login keychain.
- Choose Certificates at the bottom menu bar.
- Right-click on any certificate that displays a red X, then click on Delete. The certificate will be re-downloaded.
2. Override the old certificate
- Double-click the certificate to open its settings in the Keychain app.
- Click the arrow next to Trust to display the trust policies for the certificate.
- Choose new trust settings from the pop-up menu to override the trust policies.
- Close the window to override the trust policies and quit Keychain.
The certificate is the one MacOS uses to validate the connection you’re trying to make with the website’s server. macOS warns you if the certificate is invalid or has expired.
You can also clear your browser’s cache. Clearing the cache is important because the downloaded cache on your computer might be obsolete.
Another way you can troubleshoot this error is to ensure that the date and time on your device are in sync with the website’s server.
If you’ve tried the methods above but couldn’t resolve the issue, you can contact the website’s administrator for support.
For any problem with your website’s security certificate, we have prepared an in-depth guide to help you solve that.
Should you have any other questions or suggestions, write about them in the comments section below and we will get back to you.