Nothing brings your work to a screeching halt quite like an error message – especially if it involves security. A notice reading, “This site can’t provide a secure connection” can be confusing and alarming. If you’re receiving it on your MAMP installation, it can also be disruptive, since these sites are often local testing installations.
In this article, we’ll take a look at the most common causes of this error message. Then we’ll walk you through how to troubleshoot and fix it, so you can get back to more important things. Let’s jump right in!
An Introduction to the “This Site Can’t Provide a Secure Connection” Error
First of all, what is a “secure connection” exactly? Essentially, it’s a connection to a website that uses HTTPS rather than HTTP. Most browsers display these sites with a padlock icon in the address bar to indicate that the connection is secure.
The “This site can’t provide a secure connection” error indicates a problem with the SSL certificate. In other words, the site is claiming to be HTTPS-compliant, but either it’s not providing a certificate, or using an invalid one. If the certificate can’t be verified, the browser won’t load the site and will present this error message instead.
One other thing to note about this notification is that its presentation can vary significantly from one browser to another. However, in every case, the message will mention secure connections in some form.
Here’s what the message looks like in Google Chrome:
In Mozilla Firefox, here’s how it will appear:
And this is what it looks like in Microsoft Edge:
As you can see, most browsers don’t provide much information about the error message. Firefox at least provides a little direction to get you started, but it’s still fairly vague. Don’t worry – we’ll clear up any confusion in the rest of this article.
Why the “This Site Can’t Provide a Secure Connection” Error Occurs
Now, just because you see a warning about site security doesn’t necessarily mean the site isn’t secure. While that’s a possibility, it’s more often something more benign. Common causes fall into two categories: problems with your web browser, and problems with the site or system configuration.
If you see the error in one browser, but the page works fine in others, that indicates an issue with your browser (usually the cache). If the error appears in all browsers, you know the issue is with either the computer you’re using or the site itself.
Let’s explore the most common causes of this error message:
- Your local environment doesn’t have an SSL certificate. If you’re using a local environment such as MAMP, you likely don’t have a certificate for your site. This should be the first step in your troubleshooting, as it’s probably the cause of your issue. If you’re looking for a powerful local development tool that includes automatic SSL certificates for all sites, check out DevKinsta.
- Outdated SSL caches in the browser. This is one of the more popular causes. Web browsers store SSL certificates in a cache, much like other data. This means they don’t have to verify the certificate every time you visit a site, which speeds up browsing. However, if your SSL certificate changes and the browser is still loading an older, cached version, it can cause this error to pop up.
- Incorrect time and date settings on your computer. If your computer is set to the wrong time and date, it can cause problems with authenticating an SSL certificate. Fortunately, this is a fairly easy fix.
- Rogue browser extensions. A misconfigured or misbehaving browser extension can also cause issues with certificate authentication. While this could be malicious, it’s more often a simple coding error.
- Overzealous antivirus software. Similarly, antivirus software that scans your connections in real time can sometimes throw up this message. It could be due to a coding mistake or simply overly-aggressive settings.
- An invalid or expired SSL certificate. If your site’s SSL certificate is expired or otherwise invalid, you’ll see this error. Certificates need to be renewed periodically.
In the next section, we’ll walk through how to solve the MAMP secure connection error.
How to Fix a “This Site Can’t Provide a Secure Connection” Error When Using MAMP (In 6 Steps)
As we mentioned earlier, with a MAMP installation, the most likely culprit of this issue is that your localhost environment is lacking an SSL certificate. Fortunately, it’s relatively easy to create one using OpenSSL, and doing so should resolve your error message. The following instructions are designed for macOS users, but they should also work on Linux.
Step 1: Create a Root SSL Certificate
First, you’ll need to create a root SSL certificate. This enables you to sign additional certificates for your domains.
To get started, open up the Terminal application on your computer and enter the following command:
openssl genrsa -des3 -out rootCA.key 2048
This command generates an RSA-2048 key with the file name rootCA.key. You’ll use this key to create the root certificate. You’ll be asked to enter a password – make note of it, because you’ll need it to use the key when generating certificates.
Next, you can enter the following command to create the root SSL certificate:
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
The certificate will save to the rootCA.pem file. The “1024” represents the number of days the certificate will remain valid – you can change this to whatever you want.
Step 2: Trust the Root Certificate
With your root certificate in place, the next step is to tell the Operating System (OS) to trust it. This ensures that any future certificates created with it are trusted by default, saving you time.
To do so, open the Keychain Access app on your macOS and click on System and Certificates in the sidebar. Next, select File > Import Items, followed by the rootCA.pem certificate created in the last step.
Looking for high-performance WordPress hosting powered by Google Cloud Platform’s fastest servers? Check out our plans.
Once it’s imported, double-click it and change the When using this certificate option to Always Trust. Now you’re ready to create an SSL certificate for your domain.
Step 3: Create OpenSSL Configuration Files
Next, you’ll need to create a configuration file that houses the OpenSSL settings you want to use when creating certificates. To get started, create a file called server.csr.cnf. It should contain the following:
[req] default_bits = 2048 prompt = no default_md = sha256 distinguished_name = dn [dn] C=US ST=RandomState L=RandomCity O=RandomOrganization OU=RandomOrganizationUnit [email protected] CN = localhost Save this file, then create another one named v3.ext, and add the following: authorityKeyIdentifier=keyid,issuer basicConstraints=CA:FALSE keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment subjectAltName = @alt_names [alt_names] DNS.1 = localhost
Next, you’ll generate a key to sign your domain SSL certificate.
Step 4: Generate a Certificate Key for localhost
Head back to the Terminal application and enter the following command to create a key for localhost:
openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <( cat server.csr.cnf )
The key is stored in the server.key file.
Step 5: Create an SSL Certificate for Your Local Domain
We’re almost done! Now it’s time to generate the SSL certificate for localhost. You can do so by entering the following command in the Terminal application:
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile v3.ext
This command creates a certificate file called server.crt.
Step 6: Activate the SSL Certificate for localhost
Finally, copy the server.key and server.crt files created in the previous two steps to your MAMP installation folder. You can now enable HTTPS on your local installation of WordPress without receiving the “This site can’t provide a secure connection” error.
The “This site can’t provide a secure connection” message in MAMP not only prevents access to your site, but it can also be concerning due to the potential security implications. Fortunately, it’s usually benign and relatively easy to fix.
This error typically indicates a problem with either your browser’s configuration or the SSL certificate on your site (on localhost, this usually means you don’t have one at all). Fixing it simply involves generating an SSL certificate for localhost using OpenSSL. By following the tips listed above, you should be able to resolve this error quickly so you can get back to work.
Save time, costs and maximize site performance with:
- Instant help from WordPress hosting experts, 24/7.
- Cloudflare Enterprise integration.
- Global audience reach with 29 data centers worldwide.
- Optimization with our built-in Application Performance Monitoring.