safari security certificate warning

[SOLVED] How Do I Fix Safari Certificate Error on Mac?

Safari, the default web browser on Mac, is known for its seamless browsing experience and robust security features. However, there are times when you might encounter a pesky “Certificate Error”  while trying to access certain websites. These errors can be frustrating, but they’re usually a result of security measures designed to protect you from potentially harmful websites. In this guide, we’ll walk you through the common causes of Safari certificate errors  on Mac and provide step-by-step solutions to help you resolve them.

Quick Navigation:

Part 1: Understanding Safari Certificate Errors

Part 2:common causes of safari certificate errors, part 3: how do i fix invalid certificate error on mac.

An “Invalid Certificate Error”  on Mac, specifically when encountered in a web browser like Safari, indicates that there is an issue with the SSL/TLS certificate presented by a website. SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that provide secure communication over networks, such as the Internet. These protocols ensure that the data exchanged between a user’s device and a website’s server is encrypted and secure.

SSL/TLS certificates play a crucial role in this process by validating the authenticity of a website and establishing a secure connection. When you visit a website, your browser checks the website’s certificate to verify its identity. If the certificate is valid, properly issued by a trusted Certificate Authority (CA), and not expired, your browser establishes a secure connection. However, if there’s an issue with the certificate, you’ll see an “Invalid Certificate Error.”

Certificate errors in Safari  occur when the browser detects an issue with the SSL/TLS certificates used by a website to establish a secure connection. SSL/TLS certificates are digital documents that validate the identity of a website and encrypt data exchanged between the user and the website. When Safari encounters a problem with these certificates, it displays an error message to prevent users from accessing potentially unsafe websites.

There are a few common scenarios that can trigger an “Invalid Certificate Error” , Explore our step-by-step guide on resolving safari certificate errors  and enjoy uninterrupted browsing.

Expired Certificate: SSL/TLS certificates have an expiration date. If the certificate presented by the website has expired, your browser will flag it as invalid.

Untrusted Certificate Authority: If the certificate is not issued by a recognized and trusted Certificate Authority, your browser will treat it as invalid.

Certificate Chain Issues: SSL/TLS certificates are often issued in a chain, with an intermediary CA and a root CA. If any part of this chain is not properly configured or trusted, it can lead to an invalid certificate error.

Hostname Mismatch: The certificate is issued for a specific domain or hostname. If you’re trying to access the site using a different URL, your browser might consider the certificate invalid.

Self-Signed Certificates: Some websites use self-signed certificates instead of those issued by trusted CAs . While they can provide encryption, they’re not automatically trusted by browsers, resulting in an invalid certificate error.

Certificate Revocation: If the website’s certificate has been revoked due to security concerns, your browser will consider it invalid.

Mismatched Public and Private Key: If there’s a mismatch between the public key in the certificate and the corresponding private key on the server, it can lead to an invalid certificate error.

It’s important to note that while encountering an invalid certificate error can be frustrating, these errors are designed to protect users from potentially harmful websites and secure their data. In some cases, you might be able to proceed to the website if you’re certain it’s legitimate, but exercise caution when doing so.

If you encounter an invalid certificate error, it’s recommended to ensure that you’re accessing legitimate and secure websites. If you’re uncertain about the legitimacy of a website or the nature of the error, it’s best to avoid proceeding and potentially exposing your personal information to security risks.

It’s important to take these warnings seriously, as they are designed to protect you from potentially harmful websites and unauthorized access to your data. If you’re certain that the website you’re trying to access is legitimate, you can proceed with caution. However, exercise vigilance and ensure you’re visiting secure websites to avoid falling victim to online scams or security breaches.

Fixing an “Invalid Certificate Error”  on your Mac involves troubleshooting the underlying issues related to SSL/TLS certificates. Here’s a step-by-step guide to help you resolve this error:

Check Date and Time Settings: Click on the Apple menu in the top-left corner of your screen and select “System Preferences.”  Choose “Date & Time”  and ensure that the option to “Set date and time automatically”  is enabled. An incorrect system date and time can trigger certificate errors.

Clear Safari Cache and Cookies : Open Safari and click on “Safari”  in the top menu. Select “Preferences”  and navigate to the “Privacy”  tab. Click “Manage Website Data”  and remove stored data for the affected website. Cached data can sometimes cause certificate errors.

Update Safari: Outdated browsers can sometimes have issues with certificate validation. Check for updates by clicking the Apple menu, selecting “System Preferences,”  and then choosing “Software Update.”  Install any available updates for Safari.

Check the Website URL: Ensure you’re accessing the website using the correct URL and domain. Mismatched URLs can trigger certificate warnings.

Use a Different Browser: If the error persists in Safari, try accessing the website using a different browser like Google Chrome or Mozilla Firefox. This can help determine if the issue is specific to Safari.

Proceed with Caution: If you’re certain that the website is legitimate and you want to proceed despite the certificate error, you can often do so by clicking on the “Advanced”  or “Show Details”  option (if available) on the error page. However, exercise caution when bypassing warnings.

Check the Certificate Chain: Click on the “Advanced”  or “Show Details”  option on the error page to view the certificate details. Verify that the certificate chain is complete and issued by a trusted Certificate Authority. If there are any issues with the chain, it could trigger the error.

Contact Website Support: If you continue to experience the error, reach out to the support team of the website you’re trying to access. They might be able to provide insight or resolve the issue from their end.

Check for Network Interference: If you’re on a network with strict security settings, proxies, or firewalls, they might interfere with SSL/TLS connections. Try accessing the website from a different network to see if the error persists.

Update macOS: Ensure your macOS is up to date. Sometimes, system updates can include security patches that affect SSL/TLS certificate validation.

Scan for Malware or Adware: Use reputable antivirus or antimalware software to scan your Mac for potential malware or adware that might be causing certificate errors.

Remember that while some certificate errors can be bypassed, it’s crucial to exercise caution and only proceed if you’re confident about the legitimacy of the website. Invalid certificate errors are designed to protect your data and privacy, so avoid accessing websites that trigger these warnings unless you’re certain they’re safe.

Encountering a certificate error in Safari  on your Mac might be an inconvenience, but it’s a sign that your browser is working to keep you safe. By following the steps outlined in this guide, you can often resolve these issues and continue browsing securely. Remember, while there are workarounds like bypassing warnings, it’s always best to ensure that you’re visiting legitimate and secure websites to protect your personal information and sensitive data.

Latest Articles

• Perfect Microsoft Access Alternative for Mac Users
• How to Convert FLAC to MP3 on Mac and Windows
• Troubleshooting Apple Music Not Working on Your Mac
• How to Pause Watch History YouTube [2023 Full Guide]
• How to Delete Your iCloud Account: A Step-by-Step Guide
• PNG Vs JPG: A Battle of The Popular Image Formats
• Troubleshooting Tips: How to Connect Beats to Mac

Tips & Tricks

Troubleshooting, why does safari say “not secure” for some webpages on iphone, ipad, or mac.

If you’re a Safari user who recently updated iOS or MacOS, you may occasionally run into a “Not Secure” message near the top of the screen when viewing some websites or while browsing the web.

That ‘Not Secure’ text is simply a notification from Safari that the webpage or website is using HTTP, rather than HTTPS. This is also reflected in the URL prefix of a website, for example https://osxdaily.com vs https://osxdaily.com

The “Not Secure” message is not an indication of any change in device security. In other words, the device and website is no more or no less secure than it was before updating the web browser and seeing the “Not Secure” message. By seeing the ‘Not Secure” Safari message on an iPhone, iPad, or Mac you are simply being informed by Safari that the website or webpage being visited is using HTTP rather than HTTPS, or perhaps that HTTPS is misconfigured at some technical level.

The “Not Secure” message may also be seen if the website has an expired SSL certificate, or an improperly configured SSL certificate, in which case that is an issue with the website itself. Again, this is not reflective of on-device security (ie; the iPhone, Mac, iPad, etc is not any less secure, it’s an issue with the website itself).

HTTP stands for HyperText Transfer Protocol and has been the standard web protocol since the beginning of the web. By default, HTTP does not encrypt communication to and from the website. You can learn more about HTTP on Wikipedia if interested.

HTTPS stands for HyperText Transfer Protocol Secure, and until recently was mostly reserved for websites where encryption matters, like with an online banking website, or anything where submitting sensitive data to and from a web site should be encrypted. When a website is using HTTPS properly it means the communication to and from the website is encrypted. You can learn more about HTTPS on Wikipedia if you’re interested.

Because both Safari and Chrome now use the “Not Secure” text in the URL bar of HTTP pages, it’s likely that more and more webpages will start moving to HTTPS simply to avoid any confusion for site visitors. Moving to HTTPS from HTTP is a technical process, so while many websites will have moved to HTTPS already others have not yet done so and remain on HTTP.

It is worth pointing out that if you see a “Not Secure” message on an online banking website or a website where you are want to transmit sensitive data like a credit card number or social security number, than you should probably close that website. However, if you see the “Not Secure” text on a website where you are not inputting or transmitting any sensitive data, like a news website, information site, blog, or personal site, it likely doesn’t matter much as long as there are no logins and no transfer of sensitive information, which is when encryption matters the most.

For those wondering, the ‘Not Secure’ message in the URL bar of Safari on iPhone, iPad, and Mac OS was introduced with iOS 12.2 update and MacOS 10.14.4 update , and will likely persist with future iOS and MacOS versions of Safari too. It’s also worth pointing out that the Google Chrome browser has a similar ‘Not Secure’ message in the address / search / URL bar in modern versions of Chrome as well.

Enjoy this tip? Subscribe to our newsletter!

Get more of our great Apple tips, tricks, and important news delivered to your inbox with the OSXDaily newsletter. 

You have successfully joined our subscriber list.

Related articles:

• How to Use “Secure Empty Trash” Equivalent in OS X El Capitan
• How to Turn Off Split Screen in Safari for iPad? Exiting Safari Split Screen in iPadOS
• Secure Empty Trash in Mac OS X
• OSXDaily.com Privacy Policy

23 Comments

» Comments RSS Feed

Your suggestion to learn more about the protocol by visiting https://en.wikipedia.org/wiki/HTTPS might have been useful if Safari hadn’t said “cannot open because this website is not secure” !! Try updating the article to address older iOS versions.

What is the issue you are having?

Great article. Tells me everything I never wanted to know about why I can’t browse to a website. So much “doesn’t work, don’t care” in this article.

So glad it helped you understand why you might see the “Not Secure” badge on a website. It can also be because of expired certificates etc, but just Not Secure will not block you from seeing a site.

This is helpful thanks for the information, sounds like scare mongering!

I now understand why people suddenly decide to go off to live in the middle of the woods. I give up. I used to love modern technology, but I don’t like being spied on. I’m going off grid.

I can’t even bloody open my hospital website to get a contact number for a ward as it says “not secure” and won’t open, so I don’t know what others are saying that it doesn’t affect your browsing! It does!. 😡

I agree, I get the message and the iPad won’t open the site.

Even this site is ‘Not Secure’! Will I regret writing on here. I’ve just spent an hour on Vodafone chat about it thinking my phone had been hacked. I was told to change my browser to Chrome or Firefox.

Jill, here is an article that describes what the “Not Secure” message usually means if you see it on iPhone, iPad, or Mac web browsers:

https://osxdaily.com/2019/03/29/safari-not-secure-website-ios-mac/

I don’t care if I can still search. How do I turn the damn thing off? I have an iPad. I don’t want one more thing to ignore. I accidentally hit the update button and I’m always sorry. Apple seems to delight in aggravating users.

Is there anyway to turn it off or turn whatever off that’s making it do this? Almost everything I try to search does it and I can’t do anything!! I’m very angry 😡

Are you seeing something else? Certificate warnings? What is the device or OS?

The “Not Secure” Safari badge is only a message and has no impact on the ability to use Safari or the websites, you can still search and go to websites as normal, it’s just a goofy message that can be ignored with no impact on using websites, the only websites where it matters are banking and personal data website like health, email, financial, tax, etc. All it is basically is a notification indicating the website is HTTP rather than HTTPS. For the vast history of the web, HTTP was used until very recently.

this site IS using a https and it still says that on my iPhone but not my mac

https doesn’t just encrypt content it also prevents it from being modified. Hotels have been found changing the ads in news pages and replacing them with their own to make money. The company hosting the page loses the ad revenue.

That is true too, I have heard of some telecom companies doing that same thing in other parts of the world as well.

And for web sites that are ad-supported, that should be a good motivating factor to get migrated to https!

https://www.osxdaily.com = 24 Characters https://osxdaily.com = 23 Characters Not Secured – osxdaily.com = 26 Characters

Once again. Apple tries to reinvent the wheel and make it bloated, like their apps and updates. I use to really like Apple. OS X actually (not an iPhone user) but they just annoying me now.

And because none of this is banking it doesn’t even matter.

It’s alarmism. Like putting a big NOT SECURE sticker on a car because it might theoretically get into a car accident.

Honestly, it is annoying that they focus so much on saying the site is “not secure” if it doesn’t use SSL/TLS. Some sites are informational only and don’t need to be encrypted.

I agree completely, and it only confuses people who don’t know that HTTP (“Not Secure”) has been the web standard they’ve been using for decades already before.

Why is OSXDaily not using https at the first place? Even if I try to force https it redirects to http

We use https on the admin side, http on the public side. We’ll have to tackle https on the public side at some point to avoid confusion.

But ultimately there is no sensitive information being transmitted here, so it really does not matter much.

Paul, your argument is not exactly accurate:

https://https.cio.gov/everything/

> Every unencrypted HTTP request reveals information about a user’s behavior, and the interception and tracking of unencrypted browsing has become commonplace. Today, there is no such thing as non-sensitive web traffic, and public services should not depend on the benevolence of network operators.

Leave a Reply

Name (required)

Mail (will not be published) (required)

Subscribe to OSXDaily

• - How to Install Java on Mac with M3, M2, M1 Apple Silicon Chip
• - Install & Run iTunes, Aperture, or iPhoto in MacOS Sonoma with Retroactive
• - 17 Numbers Keyboard Shortcuts for iPad
• - How to Find a Misplaced Apple Watch with iPhone’s Ping My Watch
• - How to Install VMWare Tools in Windows on VMWare Fusion for Mac
• - PSA: Updating to MacOS Sonoma or iOS 17 May Enable iCloud Keychain
• - iOS 17.5.1 & iPadOS 17.5.1 Update Released to Fix Reappearing Deleted Photos Bug
• - MacOS Ventura 13.6.7 & macOS Monterey 12.7.5 Updates Available
• - iOS 16.7.8 & iPadOS 16.7.8 Updates for Older iPhones & iPads Available
• - iOS 17.5 & iPadOS 17.5 Updates Released with Bug Fixes

iPhone / iPad

• - How to Change the Voice of ChatGPT on iPhone, Mac, iPad
• - sysmond on Mac Using High CPU? Here’s the Likely Reason & How to Fix It
• - How to Factory Reset Mac (MacOS Sonoma & Ventura)
• - How to Fix the Apple Watch Squiggly Line Screen
• - What Does the Number Badge Mean on Microsoft Edge Icon?
• - How to Hide iPhone Keyboard When It’s Covering Buttons & Won’t Go Away

About OSXDaily | Contact Us | Privacy Policy | Sitemap

This website is unrelated to Apple Inc

All trademarks and copyrights on this website are property of their respective owners.

© 2024 OS X Daily. All Rights Reserved. Reproduction without explicit permission is prohibited.

How to Fix Website Not Secure Error in Safari

Authored by: Support.com Tech Pro Team

1. Introduction

Not being able to access your regular sites while browsing can be frustrating. In many cases, they are caused by a website that's not configured properly, but you can double check your date and time and clear your Safari history.

This guide will help you ensure that Safari on your Mac or iOS device isn't the cause of these security errors. We will check:

• Computer date and time
• Safari cache and cookies

Tools You'll Need:

• A paperclip
• iPhone charging cable
• Access to a computer with iTunes installed
• Any other non-consumable tools needed
• Comment out tools section if no tools are necessary

Supplies You'll Need:

• Any other consumable supplies
• Comment out supplies section if no supplies are necessary

Before You Begin:

• You must have access to a computer with iTunes installed.
• You must have that thing for the other thing so you can do the thing.

You must have this thing before you whatever.

• Title of GP User Should Do First
• Each individual prereq should have its own box like this. Not all will contain multiple links.
• Comment out prerequisites section if no prereqs are necessary

Windows runs on computers produced by multiple companies, such as Lenovo, Asus, Dell, Toshiba, Hewlett Packard, Acer, and Sony.

Apple is the only company that makes macOS computers.

2. Make Sure Date and Time are Correct

Security certificates are used by our web browsers and computers to make sure a particular site is safe. Think of it as a form of ID. A website having a valid security certificate lets your browser know that the website claiming to be your bank is actually your bank, and so on. Just like our own government issued IDs have expiration dates, so do security certificates. If your computer has the wrong date and time set, this can cause certificates to appear invalid & your web browser will begin to issue security warnings. iOS devices (such as your iPhone or iPad) all set their date and time automatically, so this is something that would only affect your Mac computer.

If you notice that your Date and Time is continually incorrect even after adjustment, reach out to Apple support. Some models may require a CMOS battery replacement.

• Select the time display in the top-right corner of your screen. This will display the date and time set on your computer.
• Make sure both the date and time are correct.

• If the date and time are not correct, select the time display in the top-right corner of your screen, then select Open Date & Time Preferences .

• Select the lock in the bottom-left corner to make changes.

• Enter your Mac's username and password, then select Unlock .

• In most cases, letting your Mac take care of setting the time is the best choice.
• Make sure there is a check for Set date and time automatically , and make sure a time server close to you is chosen.

• If you want, you can set the time manually.
• Remove the check for Set date and time automatically , then enter the correct date and time . Then select Save .

• Select Time Zone , then select your closest region on the map, and refine it by choosing the city you are in, or the city closest to you, from the list below.

3. Clear Browser History

After verifying that the date and time on your device is correct, test things again. If you're still having issues with security warnings on a particular website, your browser could be holding onto some outdated or bad data in the form of an old cookie, cached version of the website, etc. Clearing this data allows your browser to load the website freshly as if it had never been there before. 

For Safari on a Mac Computer

• Open Safari .
• Select the Safari menu, then select Clear History .

• Select Clear all history , then select Clear History .

For Safari on an iPhone or iPad

• Select Settings .

• Select Safari .

• Select Clear History and Website Data .

• Select Clear History and Data on the confirmation screen.

This action may make browsing the web less convenient for a while. Safari will have forgotten the websites you've been visiting so it will not suggest them as you type unless they've been previously bookmarked. These will build back up over time.

4. Try the Webpage Again

With your browser's website data removed, try to visit the website again. If you still receive security warnings, the issue is with the website itself, and not your device or its web browser. In this case, there is nothing you can do to resolve the error. Once the website owner/manager resolves the issue, you will stop receiving security warnings when you visit the website.

Privacy Matters

Support.com is committed to your privacy We do not share or sell your data to third parties. We do use cookies and other third-party technologies to improve our site and services. The California Consumer Privacy Act (CCPA) gives you the ability to opt out of the use of cookies, third-party technologies and/or the future sale of your data. Do not sell my personal information .

Support.com is committed to your privacy Read our Privacy Policy for a clear explanation of how we collect, use, disclose and store your information

Safari User Guide

• Get started
• Go to a website
• Bookmark webpages to revisit
• See your favorite websites
• Use tabs for webpages
• Import bookmarks and passwords
• Pay with Apple Pay
• Autofill credit card info
• View links from friends
• Keep a Reading List
• Hide ads when reading
• Translate a webpage
• Download items from the web
• Add passes to Wallet
• Save part or all of a webpage
• Print or create a PDF of a webpage
• Interact with text in a picture
• Change your homepage
• Customize a start page
• Create a profile
• Block pop-ups
• Make Safari your default web browser
• Hide your email address
• Manage cookies
• Clear your browsing history
• Browse privately
• Prevent cross-site tracking
• See who tried to track you
• Change Safari settings
• Keyboard and other shortcuts

Change Security settings in Safari on Mac

To change these settings, choose Safari > Settings, then click Security.

Open Safari for me

How to manage privacy and security settings in Safari on Mac

Apple continues to add new features to Safari on a regular basis to try to make our web browsing experience faster, easier, and—above all—more secure.

You can open up a private browser window anytime you want in Safari's file menu and Safari won't save your browsing history and will ask websites you visit not to track you. But there are a few more steps you might want to consider taking.

The place to go for most of these things is in Safari's preferences window, accessed from the Safari menu.

How to guard against unsafe files

How to identify fraudulent websites, how to disable javascript, how to prevent cross-site tracking, how to block all cookies in safari, how to remove website data, how to clear your browsing history, how to check for apple pay on websites, how to allow or deny camera, microphone, and location access, how to block pop-up windows.

As with all things related to security, there's a balancing act between convenience and safety. Safari will automatically open certain types of "safe" files you download from the web as a matter of convenience. But because a malicious file could be disguised as a "safe" file, it's a good idea to guard against unsafe files—and it's as easy as checking a box.

• Launch Safari . If it's not in the Dock, you can find it in the Applications folder.
• From the Safari menu, choose Preferences... .

• Click the General button.
• Uncheck the box to Open "safe" files after downloading .

Downloads will occur as they usually do, and to the location you have chosen, but the files won't automatically open.

Safari already identifies websites that use encryption (indicated by a padlock icon in the address bar) and an EV certificate which indicates a more extensive identity verification of the website operator (indicated in green). Safari also uses Google Safe Browsing technology--which is simply a list of websites that may contain malware, unwanted software, or phishing scams.

If it's not already on, here's how to do so:

Master your iPhone in minutes

iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!

• Click the Security button.
• Check the box to Warn when visiting a fraudulent website .

If you happen to run across one of these sites, Safari will put up a full-screen warning about the site before you can proceed.

Many—if not all—webpages contain JavaScript, which enables certain functionality for web pages, such as displaying the time and date or displaying an image from a set of options.

You can disable JavaScript if you like, but it may impact the functioning of the web page.

• Uncheck the box to disable JavaScript .

If you've been using Safari and suddenly seen a plethora of lawnmower ads not long after doing some web research about lawnmowers, then congratulations: you've discovered crop-site tracking. It's a way of keeping track of your behavior on one part of the internet to show you ads while using a different part of the internet. If you prefer, you can turn it off.

• Click the Privacy button.
• Check the box to Prevent cross-site tracking and check the box to Ask websites not to track me .

Keep in mind that while you can ask websites not to track you, it's up to the website creator to honor your request.

Cookies are small text files a website may store on your Mac to help identify you or your Mac when you visit the website in the future. Examples of content stored in a cookie are your name, site browsing history, and preferences. If you don't want Safari to use cookies, you can shut it off.

• Uncheck the box to Block all cookies .

If you ever decide to remove website data from your Mac, you can do it selectively for certain websites or remove all the data.

• Click the Manage Website Data... button.
• Select a website and click the Remove button to remove the site's cache, cookies, or local storage or click the Remove All button to delete data for all websites.

Rather than root around through a set of checkboxes and pop-up menus, you can clear your browsing history, cookies, and website data with a menu command.

• From the Safari menu, choose Clear History... .
• From the Clear pop-up menu, choose how far back you want to go.
• Click Clear History .

In addition to the history of the website pages you've visited, you'll also give the heave-ho to recent searches, a list of items you have downloaded, the frequently visited site list, and other information.

If your Mac and other devices have Safari turned on in iCloud preferences, the clear history command will remove the browsing history from Safari on those other devices.

You can enable Safari on your Mac to show you websites that can accept payments via Apple Pay. You can then make the payments from your Apple Watch or iPhone, or using Touch ID if it's built into your Mac.

• Check the box to Allow websites to check if Apple Pay is set up .

Safari includes the ability to determine whether or not websites ask can use your Mac's camera and microphone. Here's how to set it up.

• Click the Websites button.

• From the General section of the sidebar, click Camera .
• Click the pop-up menu for "When visiting other websites" and choose Ask, Deny, or Allow , depending on your preference.

The settings work in exactly the same way for your Mac's microphone and your location. Simply click Microphone or Location in the sidebar. Similarly, you can change the setting for currently open websites to suit your preference.

Some web pages that you visit will automatically display a pop-up window that will block content—often with an ad—that you're trying to view. While this can be annoying, there are some sites that require pop-up windows to work properly. Fortunately, Safari provides fine-grained control of these pop-up windows.

• From the General section of the sidebar, click Pop-up Windows .
• Click the pop-up menu for "When visiting other websites" and choose Block and Notify, Block, or Allow , depending on your preference.

Similarly, you can change the setting for currently open websites to suit your preference.

If you choose Block and Notify, a small icon will appear on the right side of the Smart Search field. Click it to display the pop-up windows for the web page.

Great Mac accessories

Apple AirPods 2 (From $159 at Apple)

The best Apple accessory has gotten betting with AirPods 2. Now offering a wireless charger case, the popular earbuds feature the new Apple H1 headphone chip that delivers a faster wireless connection to your devices, as well as support for "Hey Siri."

Samsung T5 SSD (From $88 at Amazon)

This solid-state drive from Samsung is speedy, tiny, and portable. It also connects using USB-C, making it a perfect companion for your new Mac.

Let us know in the comments below.

Updated August 2019: Updated through macOS Mojave and the macOS Catalina beta.

Mike Matthews is a writer at iMore.com. He has used Apple products all the way back to the Apple II+. He appreciates no longer having to launch apps by loading them from a cassette tape recorder.

'Where Cards Fall' joins Apple Vision Pro games lineup for Arcade members

Satechi's new Thunderbolt 4 Dock is a dream companion for your MacBook

I didn't believe the hype about this Apple TV Plus show — I was so wrong, don't make the same mistake I did

Most Popular

• 2 Satechi's new Thunderbolt 4 Dock is a dream companion for your MacBook
• 3 I didn't believe the hype about this Apple TV Plus show — I was so wrong, don't make the same mistake I did
• 4 Could VR gaming save Apple Vision Pro? These new releases point to a future Apple may not have anticipated
• 5 How to customize your app icons with the Shortcuts app

Digital Trust for:

Enterprise IT, PKI & Identity

Websites & Servers

Code & Software

Documents & Signing

IoT & Connected Devices

Manage PKI and Certificate risk in one place

• Prevent outages
• Certificate Lifecycle Management
• Private PKI Services
• Integrations & advantages

The smarter way to manage certificate lifecycles

• Issue & install
• Inspect & remediate
• Renew & automate
• Assign & delegate

Continuous Signing for CI/CD & DevOps

• Assure code integrity
• Automate software signing workflows
• Centralize key & permission management
• Simplify & enforce compliance

Secure, flexible and global signing

• Establish crypto-unique identities
• Trusted remote identity verification (RIV)
• Intuitive Adobe & DocuSign integrations
• Flexible workflow options

Trusted from silicon to in-the-field

• Healthcare IoT
• Home & Consumer IoT
• Industrial IoT
• Smart City IoT
• Transportation IoT

Device security without compromise

• Embedded trust
• Automated device management
• Centralized control

Accelerate secure app development

• OS- & processor-agnostic development
• Flexible footprint
• Any language

Optimizing Enterprise Certificate Management for Security and Digital Trust

2022 Edition of the TLS/SSL Best Practices Guide

Taming device, identity and certificate sprawl

How to establish a signing policy DevOps will actually adopt

Global perspective on managing document signing and regulations

Secure, update, monitor and control connected devices at scale 

Secure, update, monitor and control connected devices at scale

TLS/SSL Certificates

S/MIME Email Certificates

Verified Mark Certificates

Code Signing Certificates

Document Signing Certificates

Find the right TLS/SSL Certificate to secure your website

Eidas-compliant transaction and website document security solutions.

• DigiCert PQC Playground
• Artificial Intelligence
• The 4 Elements of Digital Trust
• The Case for Compliance
• Zero Trust: Critical to Digital Trust

Digital Trust for the Real World

Explore these pages to discover how DigiCert is helping organizations establish, manage and extend digital trust to solve real-world problems.

• PR & NEWS >
• EVENTS >
• CASE STUDIES >
• WEBINARS >

Ponemon Institute Report

See what our global post-quantum study uncovered about where the world stands in the race to prepare for quantum computing.

LEARN MORE >

DigiCert Partner Network

partnerships delivering digital trust

• System Integrators
• Software Developers & Solution Providers
• Distributors & Resellers
• Managed Service & Cloud Service Providers

BUILT ON TRUST

Digital trust solutions create new opportunities for Acmetek

PARTNERSHIP BUILT ON TRUST

• PKI Support
• Tools: S/MIME Certificate Linter
• Tools: SSL Install Diagnostic
• Tools: Certificate Utility for Windows
• Tools: CSR Creator
• Tools: Check CSR
• Tools: SSL Certificate Installation Instruction
• Documentation
• API Documentation
• Knowledgebase
• What is PKI?
• What is an SSL Certificate?
• What is SSL, TLS & HTTPS?
• How TLS/SSL Works
• What's the difference between DV, OV & EV SSL certificates?

CONTACT OUR SUPPORT TEAM

• 1.866.893.6565 (Toll-Free U.S. and Canada)
• 1.801.770.1701 (Sales)
• 1.801.701.9601 (Spanish)
• 1.800.579.2848 (Enterprise only)
• 1.801.769.0749 (Enterprise only)
• +44.203.788.7741
• Asia Pacific, Japan
• 61.3.9674.5500

CHOOSE YOUR LANGUAGE

• Chinese (Simplified)
• Chinese (Traditional)
• Compare Certificates
• DigiCert® Trust Lifecycle Manager
• DigiCert® Device Trust Manager
• DigiCert® Document Trust Manager
• DigiCert® Software Trust Manager
• DigiCert® DNS Trust Manager

Safari 11 Introduces Improved UI for Certificate Warnings

Earlier this year at its Worldwide Developer Conference (WWDC), Apple announced Safari 11 and gave audiences a preview of the new features for the browser, including a redesigned error pages for SSL certificate warnings.

Safari 11 was officially released last week for macOS and ships with the latest version, High Sierra.

The new certificate warning UI is an important improvement for Safari, and the first major change to its security UI in years.

Understanding the Importance of Security UI

Certificate validation—the process of evaluating if a certificate is trusted—is one of the primary tasks a browser performs to establish an HTTPS connection. This includes a number of steps, including checking the digital signature, ensuring the certificate is valid for the hostname you are connecting to, and evaluating the certificate chain. From a technical standpoint, all major browsers handle validation correctly.

However, browsers need to provide more than technical competence. Invalid certificate warnings with jargon-riddled error messages, coupled with a UI that makes it easy to ignore certificate errors, create security risks.

Browsers serve their user and have a responsibility to consider how the UI they provide enables their users to make a safe decision. In previous versions of Safari, when a user encountered a certificate error, the certificate viewer would open and include an error message, but the wording was unclear and it was not user-friendly. Here is the old error UI from Safari versions 9 and 10:

For the everyday, non-technical audience, this UI did not enable them to make a safe choice.

Clicking “Show Certificate” exposed the certificate chain—information which most users don’t know how to use—and included a message that was more specific about the error.

In some cases, those messages were confusing or downright misleading. For self-signed certificates, which a normal user should never use, the message said, “this certificate has not been verified by a third party,” which does not communicate the risk of using a completely untrusted certificate.

Safari had been using that UI since at least version 7, released in 2013. At that time, the effectiveness of security UI was rarely studied and not well understood. It is only in the last few years that we have seen data-driven improvements in the security UI of web browsers.

Creating Better Warnings

Safari 11’s new UI bears a strong resemblance to Google Chrome’s:

Safari 11 uses a full-page error, similar to what Chrome and Firefox have been using, and borrows a few key design features.

Chrome redesigned its  certificate warning UI in 2015. Supported by an extensive research study , Google’s engineers found that an “opinionated design”—which visually prioritizes the desired choice—led to a significant increase in adherence to the warning. Google’s redesigned UI, which premiered in Chrome 37, had an adherence rate of 58 percent, compared to the previous design’s 31 percent.

Chrome and Safari 11 use opinioned design in the same way: both hide the undesired choice (proceeding past the warning).  You first have to click a button to reveal the option to proceed. In Chrome the button is named “Advanced,” and in Safari 11 it’s “Show Details.” The option to proceed past the error is then a small and visually undistinguished hyperlink.

Safari 11’s certificate warning UI should yield similar improvements to what Google Chrome’s team achieved. By improving adherence rates, Apple is helping users stay safe, and combat “warning fatigue,” a dangerous effect of poorly designed warnings.

Warning fatigue occurs when a user sees a warning too often and believes it is unimportant or incorrect. In addition to frequency, warning fatigue can also occur when a user does not understand what a warning message means.

Safari 11 is available now through the App Store for macOS versions El Capitan (10.11.6) and newer.

Related Stories

Setting Global Standards for Secure Email Certificates

CA/B Forum Update on EV Certificate Improvements

1-Year Certificates are Here: What Now?

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

Featured stories.

• Digital Trust

Pioneering the next wave of secure digital solutions 

From paper to post: The most secure ways to vote

• Device trust

Unlocking Device Trust Manager

A q&a with digicert director of product management kevin hilscher.

The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions. 

• KnowledgeBase
• All Products
• Media Library
• Professional Services
• What are SSL TLS & HTTPS?
• What's the Difference Between DV, OV & EV SSL Certificates?
• Solutions for Matter
• Solutions for Automation
• Solutions for CI/CD
• Solutions for Code
• Solutions for Devices
• Solutions for Documents
• Solutions for CI-Plus
• Solutions for Secure Email
• Solutions for ServiceNow

© 2024 DigiCert, Inc. All rights reserved.

• High Assurance
• Enterprise EV
• Wildcard SSL/TLS
• Multi-domain UCC/SAN
• Enterprise EV UCC/SAN
• Code Signing
• EV Code Signing
• Secure Email (S/MIME)
• Client Authentication
• eSigner Document Signing
• NAESB Certificates

Select Language

We hope you will find the Google translation service helpful, but we don't promise that Google's translation will be accurate or complete. You should not rely on Google's translation. English is the official language of our site.

Troubleshooting SSL/TLS Browser Errors and Warnings

• By SSL.com Support Team
• September 10, 2019
• Categories: SSL/TLS , Troubleshooting
• Tags: Error Message

Browser Errors and Warnings

It’s all too common to encounter browser error messages like this when accessing websites:

These messages typically begin with a bold headline stating that Your connection is not private or Warning: Potential Security Risk Ahead . These messages can be frustrating for users and website owners, especially when the owner has gone to the effort to secure their website with an SSL/TLS certificate. Often, these errors are caused by server misconfigurations that are simple to correct once you know the root cause. In this guide, we’ll go through some common misconfigurations and the error messages associated with them in various web browsers. The browsers used to generate these screenshots were:

• Google Chrome 76.0.3809.100 (macOS 10.14.6)
• Firefox 68.0.1 (macOS 10.14.6)
• Safari 12.1.2 (macOS 10.14.6)
• Edge 44.17763.1.0 (Windows 10 Enterprise)
• Internet Explorer 11.379.11763.0 (Windows 10 Enterprise)

The situations we will cover are detailed in the Table of Contents below.

Expired Certificate

In these cases, the server has a certificate installed that has outlived its validity period and needs replacement:

Solution:  Renew the website’s certificate. End users who are experiencing this error should also confirm that the date and time are set correctly on their computer.

Domain Name Does Not Match Certificate

In these cases, the web server is presenting a certificate that does not match the domain name the user is attempting to access:

Solution:  Make sure that the common name and/or a subject alternative name listed in the certificate matches the website’s domain name.

Incomplete Chain of Trust

If a web server does not have a complete chain of trust including all necessary intermediate certificates installed, these errors can result:

Solution: Make sure that a complete certificate chain is installed on your server. Please see our article on diagnosing and fixing this problem for more information.

Revoked Certificate

Sometimes, due to server compromise or compliance issues, certificates must be revoked before their scheduled expiration date (for an example, see the serial number entropy issue of early 2019). Failing to replace a revoked certificate will lead to these error messages:

Solution: generate a new website certificate chained to a valid, publicly trusted root and intermediate certificates.

• Error Message

SSL.com Support Team

Stay Informed and Secure

SSL.com  is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from  SSL.com .

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

• Privacy Overview
• 3rd Party Cookies

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our  Cookie and privacy statement .

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Safari's 'Not Secure' Warning for Websites with Let's Encrypt Certificates

Abstract: A website's certificate has been automatically renewed via Let's Encrypt, but Safari continues to display a 'not secure' warning.

Safari's Not Secure Warning for Websites Without Lets Encrypt Certificates

In recent years, web browsers have started to display a "Not Secure" warning for websites that do not have an SSL/TLS certificate installed. This is an effort to encourage website owners to secure their sites and protect their users' data. One such browser that displays this warning is Safari, which is the default browser on Apple devices. However, there is a free and automated solution to this problem: Lets Encrypt certificates.

What is a Lets Encrypt Certificate?

Lets Encrypt is a nonprofit Certificate Authority (CA) that provides free, automated, and open SSL/TLS certificates. These certificates are used to encrypt the connection between a user's web browser and the website they are visiting, ensuring that all data passed between the two is secure. Lets Encrypt certificates are trusted by all major web browsers, including Safari.

Why is Safari Displaying a "Not Secure" Warning?

Safari, like other web browsers, wants to ensure that its users are protected from potential security threats. One way it does this is by displaying a "Not Secure" warning for websites that do not have an SSL/TLS certificate installed. This warning is meant to alert users that the website they are visiting is not using a secure connection, and that their data may be at risk.

However, this warning can be misleading, as many websites without SSL/TLS certificates are not necessarily insecure. Instead, they simply have not yet implemented a certificate. This is where Lets Encrypt comes in.

How to Fix the "Not Secure" Warning with Lets Encrypt

To fix the "Not Secure" warning in Safari, website owners can install a Lets Encrypt certificate. This process is automated and can be done for free using a tool such as Certbot. Once the certificate is installed, the website will be able to establish a secure connection with the user's web browser, and the "Not Secure" warning will no longer be displayed.

Benefits of Using Lets Encrypt Certificates

There are several benefits to using Lets Encrypt certificates, including:

• They are free and automated, making it easy for website owners to secure their sites.
• They are trusted by all major web browsers, ensuring that users are protected.
• They help to improve a website's search engine ranking, as search engines favor sites that are secure.
• They help to build trust with users, as they see that the website takes their security seriously.

The "Not Secure" warning in Safari can be alarming for website owners and users alike. However, it is easily fixed by installing a Lets Encrypt certificate. This not only helps to secure the website, but also improves its search engine ranking and builds trust with users. With Lets Encrypt, securing a website has never been easier or more affordable.

• Lets Encrypt
• Why HTTPS Matters

Tags: :  Safari Certificates Security

Latest news

• Configuring Git: Load Additional Files Based on Current Working Directory
• Programmatically Add Custom Tax Value to WooCommerce Order
• Calculating Additional Combinations of a Given List in Python
• Understanding Interfaces and Web APIs in JavaScript: A Deep Dive
• Automatic Display of Regression Equation: ggplot Example
• Securing ASP.NET Core 8 WebAPI with ADFS (OAuth) Authorization
• Handling Invalid Serialized Messages with Quarkus and SmallRye Mutiny
• Combining Values in a Dictionary: A Software Development Approach
• Resolving Java.security.cert.CertPathValidatorException: Algorithm constraints check failed - signature algorithm: SHA1 with RSA in MySQL Cloud Connection
• Removing Plots using HTTP gd-vc Code: A Backend Approach
• Generating JMeter Scripts with Kotlin: jMeter via Kotlin does not generate properties
• Determining Order Points Along the Best Fit (Green) Line for Given Points
• Resolving CUDA Access Violation in C# App when Using CUDA API Functions
• Despite Import, 'errorDateFormat' Still Highlighted in Red
• Selenium Issue: DevTools Active Port File Doesn't Exist (SessionNotCreated)
• MongoDB Command 'find' Requires Authentication: Securing a Node.js Application
• Creating a Virtual Machine Without Installing an Operating System using Vagrant or Packer
• Understanding Disposition Repetition with Itertools in Rust
• Downloading Calendar Exchange Server: A Guide
• Testing Custom Field with Django, SQLite3 and without Constraint Checking: A Step-by-Step Guide
• EF Core TPH Mapping: Derived Type Property Table Column
• High Memory Consumption in JAX-WS Client Using OpenLiberty: A Solution
• Migrating Projects: Creating SPM Static Libraries that Produce Dynamic Frameworks
• Understanding GTM Variables and Custom HTML Tags
• Problem with PrimeFaces 13 File Download in test.xhtml
• Error in Building Quarkus Native Image: NoSuchMethodException
• Using Aliexpress IOP Client Unit in Delphi: A Closer Look
• Error Parsing JSON with VBA-WEB: A Solution
• JMSSerializer Enum Support in PHP
• Making a Simple Webpage: Responsive Design - Equal Height Text and Photo Without Setting Column Height
• Error in Telegram Bot Development: AttributeError with 'filters' module
• Make Google Maps Frames Smaller: A Guide for Developers
• Troubleshooting Excel Formula: 'N/A' Return in Excel Sheets Version 1.14
• SwiftUI: Making Accessibility Focus States Work in NotworkingLists
• Understanding Enumeration Input Argument in JSON Function Signatures

Thank you for taking the time to respond. The NETGEAR documentation team uses your feedback to improve our knowledge base content.

Rating Submitted

Do you have a suggestion for improving this article?

Characters Left : 500

MyNETGEAR® Account

Welcome back

Access your NETGEAR

NETGEAR Support

I get a security warning in my browser when I try to log in to my NETGEAR or Orbi router; what do I do?

Was this article helpful?    Yes      No

Newer NETGEAR and Orbi routers feature secure web access from your local area network (LAN). This means that web access to your router is encrypted through Hypertext Transfer Protocol Secure (HTTPS) instead of the Hypertext Transfer Protocol (HTTP). The extra security provided by HTTPS requires your web browser to look for a signed certificate to verify that https://www.routerlogin.net or https://www.orbilogin.net is safe.

NETGEAR routers use self-signed certificates to encrypt the data that is transferred over these domains. When you enter your router’s IP address or domain name in the address field of your browser, a security warning might display because of the self-signed certificate. This is expected behavior. You can proceed by following the instructions in your browser or add an exception for the security warning. If you add the router’s certificate, your computer saves this information, and the browser warning no longer displays when you log in to the router.

Select your browser from the following list and complete the steps to add the self-signed certificate for  https://www.routerlogin.net  or https://www.orbilogin.net  to your computer. After the certificate is added, your computer saves this information and no warnings display.

To save the certificate for your NETGEAR or Orbi router in your browser:

  Google Chrome

• Launch Google Chrome and visit www.routerlogin.net  or www.orbilogin.net . A security warning displays.
• Click  Advanced >   Proceed to www.routerlogin.net  (unsafe)  or Advanced >   Proceed to www.orbilogin.net (unsafe) . A login window displays.
• Enter your user name and password. The user name is  admin . The password is the one that you specified the first time that you logged in. The user name and password are case-sensitive. The BASIC Home page or Dashboard displays.
• Click the red triangle icon next to Not secure  in your address bar.
• Click  Certificate (Invalid) .
• Select Details > Copy to File .
• An installation wizard displays.
• Click Next .
• Make sure the default DER encoded binary X.509 (.CER) option is selected.
• Click Next > Browse and save the certificate to a convenient location.
• Click Next > Finish > OK .
• Navigate to the folder where you saved the certificate and double-click the file. The General tab displays.
• Click  Install Certificate . An installation wizard displays.
• Click Next and select the  Place all certificates in the following store radio button.
• Click  Browse >   Trusted Root Certification Authoritie s .
• Click OK > Next > Finish .
• Follow the prompts to install the certificate.

Note: If you enter your router’s IP address instead of www.routerlogin.net  or www.orbilogin.net , Google Chrome still displays a warning message because the certificate you installed only corresponds to the domain name.

  Apple Safari

• Launch Safari and visit www.routerlogin.net  or www.orbilogin.net . A security warning displays.
• Click Show Details > Visit this website . A prompt asking if you want to proceed displays.
• Click  Visit Website to proceed.
• Enter your Mac user name and password and click Update Settings .

  Microsoft Edge

• Launch Microsoft Edge and visit www.routerlogin.net  or www.orbilogin.net . A security warning displays.
• Click  Details > Go on to the webpage .
• Click the red triangle icon next to Certificate error  in your address bar.
• Click  View Certificates . The Certificate Information tab displays.
• Click  Export to file  and save the file in your desired location.
• Navigate to the folder where you saved the certificate and double-click the file that you just saved.
• Click Install Certificate . An installation wizard displays.
• Select the  Place all certificates in the following store radio button.
• Click  Browse > Trusted Root Certification Authorities >  Next .

Note: If you enter your router’s IP address instead of www.routerlogin.net  or www.orbilogin.net , Microsoft Edge still displays a warning message because the certificate you installed only corresponds to the domain name.

  Mozilla Firefox

• Launch Firefox and visit www.routerlogin.net  or www.orbilogin.net . A security warning displays.
• Click Advanced > View Certificate .
• Select Details > Export .
• Navigate to a convenient location and click Save .
• Navigate to the folder where you saved the certificate and double-click the file.
• Click Install Certificate . An installation window displays.
• Make sure that the Permanently store this exception  option is selected.
• Click  Browse > Trusted Root Certification Authorities .

Note: If you enter your router’s IP address instead of www.routerlogin.net  or www.orbilogin.net , Mozilla Firefox still displays a warning message because the certificate you installed only corresponds to the domain name.

  Microsoft Internet Explorer

• Launch Internet Explorer and visit www.routerlogin.net  or www.orbilogin.net . A security warning displays.
• Click  Continue to this website (not recommended) . A login window displays.
• Click the red shield icon next to Certificate error  in your address bar.
• Select the Tools tab in your browser.
• Select Internet Options > Security .
• Clear the Enable Protected Mode option. Note : You can restore this setting after installing the certificate.
• Click Apply > OK .
• Restart Internet Explorer.
• After restarting Internet Explorer, repeat steps 1-5.  
• Select the radio button for  Place all certificates in the following store .
• Click  Browse >Trusted Root Certification Authorities .
• Click OK > Next .

Note: If you enter your router’s IP address instead of www.routerlogin.net  or www.orbilogin.net , Microsoft Internet Explorer still displays a warning message because the certificate you installed only corresponds to the domain name.

​For more information:

• What is DNS over HTTPS (DoH) and how does it affect my NETGEAR router?
• How do I enable HTTPS when accessing my NETGEAR router?

Last Updated:03/14/2023 | Article ID: 000061003

Was this article helpful?

This article applies to:.

• LBR20-1BNCNS
• LBR20-1H3NDS
• LBR20-1H3SDS
• LBR20-1USNAS
• NBR750-1BNCNS
• RBR350-1VNNZS
• RBS350-1VNNZS
• XR1000-1RNNAS (ENTOUCH)
• XR1000-1RNNAS (GRANDE)
• XR1000-1RNNAS (RCN)
• XR1000-1RNNAS (WAVE)

Read this article in another language:

Looking for more about your product.

Get information, documentation, videos and more for your specific product.

Can’t find what you’re looking for?

Quick and easy solutions are available for you in the NETGEAR community.

Need to Contact NETGEAR Support?

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

Complimentary Support

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

NETGEAR Premium Support

Gearhead support for home users.

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

• Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
• Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
• Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

ProSUPPORT Services for Business Users

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

• Product Installation
• Professional Wireless Site Survey
• Defective Drive Retention (DDR) Service

Where to Find Your Model Number

To find the model/version number, check the bottom or back panel of your NETGEAR device.

Select a product or category below for specific instructions.

Nighthawk Routers

Powerline and Wall Plug Extenders

Cable and DSL Modem Routers

ReadyNAS Network Storage

Wireless Access Points

Other Business Products

Mobile Broadband