How to fix “this site can’t provide a secure connection” error

Key takeaways

SSL certificates enable encrypted, secure website connections.
Common issues include invalid SSLs, incorrect time, outdated caches, and server misconfigurations.
Errors appear differently in different browsers.
Solutions include updating SSLs, clearing caches, enforcing HTTPS, and adjusting DNS or software settings.

How many times have you tried accessing a website, only to have the “This Site Can’t Provide a Secure Connection” error pop up? Whether you’re a visitor, or the website owner, seeing this error might be alarming. Due to its nature, it might be slightly deceptive as well.

The unsecure connection error message in Chrome.

Occasionally, this error will clear out with a single refresh of the website, but more often than not, it’ll require some additional troubleshooting.

Ready to get started?

Get the fastest, most secure VPS hosting services on the market.

Explore VPS hosting

What is the “this site can’t provide a secure connection” error?

A secure connection error will show up if the server claims the website you’re accessing is HTTPS compliant but doesn’t provide proof for it.

A secure connection error is one of the most common errors you’ll encounter when browsing the web. Due to its complexity, browsers sometimes won’t be able to provide precise additional information about it. It might refer to anything from internet connection issues to the misconfiguration of SSL on the website you’re trying to visit.

A secure connection to a website is simply a connection that enables encrypted communication between your browser and the server the website is hosted on. SSL (Secure Sockets Layer) is the technology that makes this encryption possible, ensuring that any data you send or receive is kept private and secure from outside interference.

The encrypted connection is enabled if a website has a valid SSL certificate installed on it. The SSL certificate needs to be issued by a certificate authority, and it needs to be issued specifically for the domain name the website you’re trying to access is using.

When you visit an HTTPS site, your browser runs through what’s called an SSL handshake. It’s a quick verification process where it checks the site’s certificate before allowing the connection. If anything about that check fails, the browser blocks access and shows you this error.

How the error appears across different browsers

Most browsers will have one general message for most unsecured connection errors, presented in large text, with additional smaller text below it explaining the specifics of the error. The phrasing varies by browser, but the underlying problem is the same regardless of which one you’re using.

Chrome: “This site can’t provide a secure connection” + ERR_SSL_PROTOCOL_ERROR
Firefox: “Secure Connection Failed”
Microsoft Edge: “Your connection isn’t private”
Safari: “Safari Can’t Open the Page”

The unsecure connection error message in Firefox.

Common error codes and what they mean

Chrome and other browsers often display a secondary error code below the main message. These codes point to the specific failure and can help narrow down the fix quickly.

Error Code	What It Means
ERR_SSL_PROTOCOL_ERROR	Generic SSL failure — several possible causes
ERR_SSL_VERSION_OR_CIPHER_MISMATCH	Browser and server don’t share a supported protocol version
NET::ERR_CERT_DATE_INVALID	Certificate is expired or not yet valid
NET::ERR_CERT_AUTHORITY_INVALID	Certificate issuer isn’t trusted by the browser
NET::ERR_CERT_COMMON_NAME_INVALID	Certificate domain doesn’t match the site you’re visiting

What causes this error?

The error message may seem simple, but the underlying causes can vary widely.

Incorrect date and time on your device SSL/TLS certificates are time-sensitive, relying on accurate timestamps to verify their validity. If your device’s date and time are off, your browser won’t be able to confirm the certificate’s status, leading to blocked connections. It’s a simple misstep, but it effectively breaks the trust system that secures online communication.

Missing SSL certificate The website you’re trying to access, and its web server, might not have an SSL certificate installed. This will cause an HTTP connection (not secure) to the server, and all information exchanged between your browser and the server will be in plain text. This might expose both you and the website to malicious attacks depending on the type of information exchanged.

Invalid or expired SSL certificate The SSL certificate that’s installed on the website you’re accessing might not have been issued for the domain the site is currently using. If the SSL installed was issued for another domain, the browser will return an error mentioning a non-secure connection.

Alternatively, the SSL certificate that’s installed on the website you’re accessing might have expired altogether. All SSL certificates are issued for a particular amount of time, and once it passes, the certificates are no longer valid.

Outdated SSL cache in the browser An outdated SSL cache in your browser can create mismatches between stored security data and the current state of a website’s certificate. When this happens, the browser may interpret valid certificates as invalid, leading to connection errors.

Certain extensions that interact with web traffic can compound the issue by introducing conflicts or failing to recognize updated security states. Similarly, a cluttered browser cache may hold onto outdated certificate information, bypassing fresh validation checks.

HTTPS not forced on the server Browsers might still show this error even if the correct and valid SSL certificate is installed on a website you’re visiting. This happens if the server hosting the website in question does not force HTTPS connections and allows information to be exchanged in plain text.

Browser extensions, VPNs, or antivirus software Security software sometimes intercepts SSL traffic as part of its scanning process. When it does, it can disrupt the handshake between your browser and the server, blocking the connection entirely (even when the site’s certificate is valid).

Chrome’s QUIC protocol Chrome’s QUIC protocol, designed for faster connections, can further complicate things by caching SSL data in ways that bypass traditional HTTPS flows. These factors disrupt the handshake process, where your browser and the server confirm the connection’s security.

Fixes for visitors

If you’re landing on someone else’s site and seeing this error, the problem may well be on your end. These steps take a few minutes each and resolve the majority of visitor-side cases.

1. Check your date and time settings

SSL/TLS certificates rely on accurate timestamps to verify their validity. If your device’s clock is wrong, the browser can’t confirm the certificate’s status. Most modern devices automatically set the time and date based on your location, but this feature isn’t foolproof. When it misses, your secure connection takes the hit.

To manually set the date and time on macOS:

Go to System Settings > General > Date & Time.
Toggle Set time and date automatically off.
Authorize when prompted.
Click on the Set button that appears to the right of Date and time and make the changes.

To manually change the date and time on Windows:

Click on the date and time from the right corner of the taskbar.
Click on Date and time settings at the bottom of the calendar.
Toggle the Set time automatically off.
Click on the Change button that’s now ungrayed under Set the date and time manually, and make the changes

One thing worth knowing: this could make you more prone to the very error you’re trying to fix, especially if you’re traveling between different time zones often or you’re in a region with daylight savings. To prevent this, update the date and time in response to significant changes.

Alternatively, toggling the option to automatically set the date and time off then back on forces your device to sync with a reliable server, which is the preferred option.

2. Clear your SSL state and browser cache

Clearing your local cache forces your device to fetch fresh connection data rather than relying on something stored that may now be outdated or mismatched.

Start by clearing your SSL state. On Windows:

Hit Windows + R to bring up the Run app.
In the command text area, type inetcpl.cpl and hit Enter to open the Internet Properties section.
Switch to the Content tab then click on Clear SSL state.</u>

On macOS, open the Terminal app and run:

sudo dscacheutil -flushcache

Then clear your browser cache. In Chrome:

Click the three vertical dots at the top right corner of the window.
Select Delete browsing data.
Choose a time range, one that covers a time before you first visited the problem site.
Select cookies and whatever other site data you want to clear, then click Delete data.

3. Try Incognito / private mode

Open the site in an incognito or private window. If it loads without an error there, a browser extension is almost certainly the cause. Disable your extensions one at a time and reload the page after each, until the culprit is identified.

4. Disable your VPN or antivirus temporarily

Some antivirus programs and VPNs intercept HTTPS traffic as part of their scanning process. Temporarily disabling them will confirm whether they’re interfering. Go through your antivirus solution’s documentation to figure out exactly how to do this.< Re-enable once you’ve confirmed whether it’s the source of the problem.

5. Disable Chrome’s QUIC protocol

Chrome’s QUIC protocol is built for speed, but it handles SSL/TLS differently than standard HTTPS. That difference can sometimes cause conflicts with outdated certificates or cached data, breaking the secure handshake and triggering connection errors. Disabling QUIC forces Chrome to fall back to standard HTTPS, providing a more predictable SSL negotiation and resolving those conflicts.

To turn it off, type chrome://flags into the address bar and hit Enter. In the Available tab, find the option marked Experimental QUIC protocol and change its setting to Disabled.

This exact process also works on other Chromium-based browsers like Edge and Brave.

Fixes for site owners

If you’ve worked through the visitor fixes above and the error still appears, or if you’re getting reports from multiple users across different devices and browsers, the issue is on the server side. Here’s where to look.

6. Check your SSL certificate

Modern browsers give anyone the ability to check the validity of websites’ SSL certificates in a single click. All you need to do is visit any website and click on the padlock icon in the address bar.

For a more thorough diagnosis, run your domain through Liquid Web’s SSL verification tool. It’s a free tool that checks for expiration, domain mismatches, incomplete certificate chains, and other certificate configuration issues. It’s more reliable than a visual browser check alone and can surface problems that aren’t immediately obvious.

If your site throws up an unsecured connection error because its SSL certificate is invalid or expired, you’ll need to update it or install a new one. The exact steps will vary between hosting providers and control panels, so check with yours first.

In cPanel, the process looks like this:

Go to Tools > Security > SSL/TLS.
From the menu on the right, click on Generate, view, upload, or delete SSL certificates.
Follow the instructions and enter the information required to upload or generate a certificate. If you’re generating a certificate, save the .crt file, then open it with a text editor, copy everything, and paste it into the relevant text box. Otherwise, you can upload the .crt file.

If you’re hosting with Liquid Web, free SSL certificates are included with managed hosting and auto-renew for the lifetime of your service.

7. Force HTTPS on your server

Forcing all connections to your site to use HTTPS should resolve the issue for most users.

On an Apache server, add the following to your .htaccess file:

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

On NGINX, add the following to your server block:

server {

listen 80;

server_name yourdomain.com www.yourdomain.com;

return 301 https://$host$request_uri;

}

Go through your existing links and update anything hardcoded with HTTP to use HTTPS so you avoid mixed content errors.

8. Check for mixed content

Even after forcing HTTPS, individual page resources, like images, scripts, and stylesheets, may still be loading over HTTP. Browsers block these, and in some cases they’ll trigger the secure connection error.

Use your browser’s developer tools (open with F12, then check the Console tab) to identify any insecure resources loading on your pages, then update those URLs to HTTPS.

9. Check your DNS settings

It’s possible that there were DNS changes made to your website since you last opened it within a browser. The easiest way to check would be by using an online tool like Complete DNS, where you paste the URL and run the evaluation.

DNS changes can leave browsers holding onto a cached connection state that no longer matches the server’s current configuration. If you’ve recently changed DNS records, give propagation time to complete and then retest.

How to prevent this error going forward

Fixing the error is the immediate goal. Keeping it from coming back is worth a few minutes of setup.

Set your SSL certificate to auto-renew, or use a host that handles renewal automatically. Browsers drop support for older TLS protocol versions with little warning, so keep your server software current. An SSL monitoring tool, or a basic uptime monitor that checks HTTPS status, means you find out about certificate issues before your visitors do.

On the device side, keeping your browser and OS updated ensures compatibility with current SSL/TLS standards. Clearing your cache periodically and keeping antivirus software current prevents the kind of stale state that causes intermittent SSL errors.

Quick reference: which fix is right for you?

If you’re a visitor	If you own the site
Fix date and time settings	Check SSL certificate with SSL Labs
Clear SSL state and browser cache	Renew or reinstall SSL certificate
Try incognito mode	Force HTTPS on your server
Disable VPN or antivirus	Check for mixed content
Disable QUIC protocol in Chrome/Edge/Brave	Review recent DNS changes

Next steps for providing a secure connection

Whether you’re the owner of a particular website or a visitor, one of the most important things we look for when interacting with any website is that padlock in the address bar that promises a layer of security for any data exchanged.

This error looks worse than it usually is. Most cases come down to a clock that needs syncing, a cache that needs clearing, or a certificate that needs renewing, and all of those are fixable in a few minutes.

Even though browsers don’t necessarily provide all the information we need to resolve the secure connection error, it might comfort you to know these can be resolved both on the server and the client end.

In case you’re hosting a website with Liquid Web and encounter a similar issue, our support team is available 24/7/365 and will be happy to help. And with Liquid Web’s managed hosting for WordPress, you’ll also enjoy the added benefit of free SSL certificates that automatically renew for the lifetime of your service, ensuring your site stays secure with minimal effort on your part.