Apple designed Safari to keep you safe while surfing the net on your iPhone, iPad, or Mac. There are lots of security features built in to the app, but the most noticeable is that Safari doesn’t load a webpage if it is not secure.
Usually, Safari’s refusal to load websites reminds us to be careful who we trust online. But sometimes, Safari claims it can’t establish a secure connection with the most trusted sites on the web. Here’s what to do if that happens.
Why can’t Safari establish a secure connection?
When Safari loads a website, it checks to see if that website is using a secure encryption to protect your data. If Safari can’t verify this, you might see a warning message or Safari might refuse to load the page.
Encryption is important to protect your privacy and security.
If a website doesn’t use secure encryption, third-parties could find a way to watch everything you do on that site. That might mean they learn your browsing habits. But worse, they might be able to learn the login details for accounts like your online banking.
How do I know if Safari established a secure connection?
Safari checks each website’s certificate to verify the connection is secure. Take a close look at the Smart Search bar at the top of Safari to find out how secure the current website you’re looking at is.
A grey padlock means that website has a standard certificate, and is secure.
A green padlock means that website has a more extensive, identity verification certificate. It is even more secure than the previous one.
If there is no padlock, you might see the words “Not Secure” instead. You should avoid entering any personal or financial information on these websites because you are not protected.
It’s best to avoid unsecured websites altogether, if possible.
You might also find a pop-up message alerts you to unsecured websites or bad certificates. Safari also might refuse to load the page at all if it can’t establish a secure connection.
How to fix secure connection problems in Safari
Usually, Safari can’t establish a secure connection because the website you’re visiting isn’t using a secure encryption or doesn’t have a valid certificate. This is frequently the case with fraudulent and dangerous websites.
However, sometimes Safari can’t establish secure connections even when you visit trusted sites, such as Amazon, Facebook, or Google.
If this happens, there might be something wrong with your Internet connection or app settings. Try our general Safari troubleshooting steps.
If they don’t help, follow the tips below instead.
1. Double-check the URL
It’s possible the website you’re trying to load isn’t actually the one you want to visit. Fraudsters and scammers often create fake websites designed to look like the real deal to steal your precious personal data.
Take a moment to check the URL at the top of Safari and make sure the web address is correct. Small mistakes (like .co.uk when it should be .com) mean you’re probably on the wrong site.
If you aren’t sure what the web address is supposed to be, use a reliable search engine to find that site instead.
2. Set the correct date and time
Don’t ask us why, but using the wrong date and time on your Apple device can cause all sorts of unexpected issues. It might stop you from installing the latest software update, downloading new apps, or loading secure web pages.
On a Mac, open the Apple () menu and go to System Preferences > Date & Time. Click the padlock to unlock changes, then turn on the option to Set date and time automatically.
On an iPhone, iPad, or iPod touch go to Settings > General > Date & Time. Turn on the option to Set Automatically, if it isn’t already turned on.
3. Change to a different DNS
The Domain Name System (DNS) your computer or device uses acts like a phone directory for every website on the Internet. As you enter a web address in the URL box, Safari uses the DNS to find the exact location of that page on the web.
Problems with your DNS could result in bad addresses, which might explain why Safari can’t establish a secure connection with a website.
Fortunately, it’s free and easy to change to a different DNS; you might even make Safari faster by doing so. We suggest using Google’s Public DNS, but there are plenty of other alternatives as well.
On a Mac, open the Apple () menu and go to System Preferences > Network. Select your Wi-Fi network from the sidebar, then open the Advanced menu. Go to DNS and use the Plus (+) to add the Google Public DNS servers listed below.
On an iPhone, iPad, or iPod touch go to Settings > Wi-Fi. Tap the i next to your Wi-Fi network and select the Configure DNS option. Choose Manual and remove your current DNS servers, then add the Google Public DNS servers listed below.
Google’s Public DNS servers are:
4. Set your antivirus software to trust this site
Over-zealous antivirus software on your Mac might hinder Safari’s ability to establish secure connections. If you use antivirus software, add websites to your trusted website list to avoid future problems.
Of course, you should only do this if you absolutely trust the website. When there’s any chance it could be dangerous, you shouldn’t add that website to your trusted sites.
The way to trust websites varies depending on your particular antivirus software. There’s usually a preferences or settings window that lets you do it. If you can’t find it, contact the developer for more help.
5. Tell Keychain to trust the certificate
Safari might claim a website is not secure because it doesn’t trust that website’s certificate. If you know better, open the Keychain Access app on your Mac to tell Safari to trust that certificate in the future.
Once again, you should only do this if you’re certain the website is safe.
To make Safari trust website certificates, you first need to find out exactly which certificates it uses. The easiest way to do this is with the use of a different web browser, like Google Chrome or Mozilla Firefox.
Open the page you want to visit in a different browser and click the padlock icon next to the URL address. Look for more information to find a way to View Certificates for that website. This option is in a different place with each browser.
Now press Cmd + Space and use Spotlight to open the Keychain Access app. Select System Roots and Certificates from the sidebar menus. Then use the search bar to find the website certificates you just found in the other browser.
Double-click each certificate to view its settings. In the Trust section, open the drop-down menu for When using this certificate and choose Always Trust.
Refresh the page in Safari to see if it trusts the certificates now.
6. Disable IPv6 for your network
Internet Protocol version 6 (IPv6) is the method used to identify and locate everything connected to the Internet. That includes the IP addresses for your Mac, iPhone, Apple Watch, HomePod, and much more.
Before IPv6, an older protocol was in place, called IPv4. Some websites still use IPv4 to identify devices, which may cause problems when Safari tries to establish a secure connection.
Temporarily disable IPv6 on your Mac to fix it.
Open the Apple () menu and go to System Preferences > Network. Select your Wi-Fi from the sidebar and open the Advanced menu, then go to TCP/IP.
Under the Configure IPv6 drop-down menu, select Manually and click OK.
Keep your browsing secure with a VPN
Safari works hard to keep you safe on the Internet. When Safari can’t establish a secure connection, it’s a good sign you shouldn’t trust that website.
But there are other steps you can take to enhance your Internet security as well.
Use a Virtual Private Network (VPN) on your devices to keep all your online activity private. There are plenty of free VPNs for Apple devices you can use to get started. But it’s also worth considering paid VPN subscriptions as well.
He spent two years supervising repairs as a Genius Admin for Apple Retail and uses that knowledge to keep our troubleshooting guides up to date.
Long before that, Dan turned to Apple products from a musical background. Having owned iPods for years, he bought a MacBook to learn sound recording and production. It was using those skills that he gained a first-class Bachelor of Science in Sound Technology.