When someone goes to my page they’re getting an error message that says their connection is not private. what’s happening, and how can I fix this?
Thank goodness the internet is becoming more secure! Most web browsers require you to have a Secure Sockets Layer (SSL) certificate to encrypt a user’s data. If a browser can’t verify your site is safe for the user to visit, it will show this error message and give the visitor the choice to move forward – or not. Many users see the error message and immediately back out, never getting to see your awesome site.
What is happening?
The browser verifies your site’s security certificate to confirm the user’s privacy is protected while they are visiting the site. If there is no certificate, or there is a certificate but it’s not fully installed or configured properly, their personal information may not be encrypted and may not be private.
Why does this happen?
There are a few scenarios:
- There is no SSL certificate installed.
- The SSL certificate is installed but is not enforced.
- The SSL certificate has expired.
- The SSL certificate isn’t configured correctly.
- It could also happen when, for instance, you have installed the SSL certificate after you created the site. In this case, the media URLs are not updated to SSL but the rest of your site is. This is known as mixed content and will display a warning message.
How do you fix this?
- Install an SSL certificate. How you do this depends on your hosting provider. Most hosting providers will give you a free SSL certificate, along with detailed instructions for installing and enforcing it.
- Enforce the SSL certificate on your site.
- Check your SSL certificate is current. Your certificate should auto-renew, but it is best practice to check with your hosting provider.
- Check your SSL certificate is working properly.
- Make sure all your URLs are using the SSL certificate.