Why do I see a yellow warning triangle on an HTTPS secured website?

Category: All about SSL certificates

SSL

In modern web browsers, the yellow warning triangle is no longer a common indicator. However, warnings or icons signalling issues with a website’s security can still appear. These warnings usually indicate potential problems that could compromise the security of your connection.

Google Chrome, Microsoft Edge, and Safari have replaced the yellow triangle with explicit warnings such as "Not Secure" for HTTP sites or red warnings for sites with severe security issues. Mixed content is often blocked, and users can find details about issues in the browser’s developer tools.

Anunsecuredwebsite 2

Firefox uses a crossed-out lock or other icons to indicate issues like mixed content or certificate errors. It may also display warnings in the address bar or block insecure content.

Anunsecuredwebsite

An SSL certificate secures the information exchanged between the user, browser, and website in an encrypted way. This if data such as information entered on login, contact and payment forms. An SSL certificate encryption protects the data from being accessed by malicious third parties.

Common reasons for security warnings and how to fix them

Mixed content

HTTPS websites are expected to load all resources (such as images, scripts, and stylesheets) securely. If some resources are loaded over an unencrypted HTTP connection, it creates "mixed content," which weakens the security of the page.

Most browsers will block mixed content and may show a warning in the developer tools or as a message in the address bar.

What to do about mixed content?

Only people with access to the website can fix issues related to mixed content.
Ensure all resources on your website are loaded securely via HTTPS. Update links and scripts to use HTTPS or relative paths to prevent mixed content issues.
You can find Mixed content via your browser's developer tools (usually F12 or Ctrl + Shift + I). Look for mixed content warnings in the console.

SSL/TLS Certificate Issues

Security warnings may occur if:

  • The SSL/TLS certificate has expired.
  • The certificate was not issued by a trusted Certificate Authority (CA).
  • The certificate does not match the domain name. These issues prevent the browser from fully trusting the website.

What to do about SSL certificate issues?

If you are not the owner of a website with an SSL warning message or error, we strongly recommend leaving the site immediately. For your safety, avoid entering personal information on websites that are not secured with SSL.

If you know the URL of the website displaying the warning, you can click on the padlock or warning icon in the address bar to view the certificate details. Look for issues such as expired certificates or mismatched domain names. If you’re able to, consider reaching out to the website owner via social media to inform them about the issue—they'll likely appreciate your help in resolving it.

If you are the owner of the website, then you should renew and verify your SSL/TLS certificate. Ensure it is correctly configured, valid, and issued by a trusted CA.

Incorrect date and time

SSL certificates are valid only within specific dates. If your computer’s date and time are incorrect, it may cause your browser to think a certificate is invalid or expired.

How to fix this?

Set your device’s date and time correctly to ensure proper SSL certificate validation.

Outdated operating system

Older operating systems like Windows XP lack support for modern cryptographic standards (e.g., SHA-256), which are necessary for handling secure connections.

What is the solution to an outdated OS?

Update to a newer operating system or install the necessary updates
Are you the administrator of the website in question? Then ensure that your website supports the latest encryption standards.

Outdated encryption standards

If a website uses weak encryption algorithms or outdated protocols like TLS 1.0 or 1.1 (now deprecated), the connection may still be encrypted but considered insecure by modern browsers.
Server administrators can fix this issue by disabling outdated protocols and enforcing modern encryption standards like TLS 1.2 or 1.3.

Browser outdated or misconfigured

An outdated browser may not support modern SSL/TLS protocols (e.g., TLS 1.2 or 1.3). and misconfigured browser settings, such as disabling necessary protocols or enabling deprecated ones, can trigger warnings can also cause issue.

What is the solution to browser linked SSL issues?

Qualys SSL Labs's browser SSL test page offers you instant insights in the security failings of your browser.

We recommend updating your browser to the latest version to ensure compatibility with modern security standards.

Website administrators can test their website's SSL/TLS configuration and ensure it works with all modern browsers. For a full audit of your web server and your certificate's security, visit Qualys SSL Labs' test page

The analysis will show eventual shortcomings in your web server's configuration, such as negotiating obsolete SSL protocol versions, and whether your encryption makes use of modern, safe algorithms.

If you fail to get a passing grade, or if you're really keen on that A+, try the following:

  • If your web server is at fault, you should contact your hosting company to modify the server configuration, or to upgrade the web server software if needed.
  • If your certificate shows shortcomings, for instance because your key size is less than 2048 bits, or because it was signed with an SHA-1 hash, you should consider requesting a re-issue of your certificate.

Looking for an SSL certificate? Work with Kinamo

We offer an easy-to-use wizard to help you select the perfect SSL certificate for your needs. Plus, our certificates come at very competitive prices, ensuring you get the best value for your security. And have we mentioned our great support yet?

Unsure about the cause of your SSL issues? Let Kinamo's expert team assist you! Kinamo customers benefit from comprehensive SSL support, including help with installation and troubleshooting. If you're not yet a Kinamo customer, don’t worry—reach out today and join our growing customer base. We’re here to make your website security seamless and stress-free!


Related articles

OpenSSL - useful commands

OpenSSL is the true Swiss Army knife of certificate management, and just like with the real McCoy, you spend more...

Read more

Apache - Install SSL Certificate

This article assumes you've received your certificate from the Certificate Authority, and that you wish to install it on your...

Read more

How can I move (transfer) a .com, .net or .org domain name?

If you would like to move (transfer) a domain name (typically com, .net or .org) from your current registrar to...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Kinamo

Select your language