Fix: Safari can’t establish a secure connection to the server

Kevin ArrowsUpdated on December 28, 2023
Kevin is a certified Network Engineer

There have been weird reports on how Safari just stops working (or decides to work selectively) after a given period. It is weird how a browser would work seamlessly, then suddenly decide to choose where and when to function. Many Mac users have encountered this strange bug/hitch. Some websites would open without a fuss on Safari while on others straight up you will get hit by the now famous “Safari can’t establish a secure connection to the server” error.

What is even more puzzling is that the usual related fixes do nothing for the error above. Clearing cookies, disabling extensions, resetting Safari, turning off Parental Controls, keychain analysis, and permissions reset all hit a brick wall. This error gets you even if you do not use proxy to connect to the net. However, there is hope. The possible causes for this bug have been narrowed down to several aspects.

2016-04-27_101628

Possible Cause 1: ISPs DNS

Click the Apple Icon and Choose System Preferences. Then click the Network icon and choose Advanced. Click the DNS tab and remove any entries in the left pane, then click the + symbol and add 8.8.8.8 and then click the plus symbol again to add 8.8.4.4.

Possible Cause 2: Weak Encryption

When weak encryption is detected, Safari is instantly cut off from the connection (it is yet to be determined what detects the weak encryption first between Safari and the Mac system). But we all know for our privacy and security, websites have to be coupled with strong encryption before a web connection can be established unconditionally. This has especially been emphasized after efforts by OS X Yosemite (Version 10.10.4) and iOS 8.4 were boosted with extra security enhancements. So once weak encryptions (or whatever the system presumes to be weak) are met, Safari will not be able to connect. That is how the “Safari can’t establish a secure connection to the server” error comes about.

Now let’s see if we can sort it out once and for all. Once an issue about encryption is fronted, the first place to seek an explanation is the certificates. Here’s how to work around it

You experience the error in Safari but not in other browsers. Open the blocked website (Facebook and Twitter are popular suspects) in another browser e.g. Firefox. Once open, just next to the URL you will identify a tiny green lock. Click on it. On the emerging window, click on the “more information” button.

2016-04-27_140920

You should land into yet another window. Here, also click on the Security tab situated at the right-hand side. Now click on “show certificate”. Switch to the Details tab.

You will be shown the current certificate for the website you opened. The syntax should be something like this: “VeriSign Class 3 Public Primary Certification Authority – G5 certificate”

2016-04-27_141342

Next, open the keychain. You can do this by clicking CMD + Space Bar; then input “Keychain”. OR go to Utilities and access Keychain from there.

Then click on system roots for all entries. You will find here your certificate and it will have a blue cross marked on it. Double click it and another window will come up. You have the option of choosing a system setting, always approve or always reject.

You will realize that the certificate was the problem all along. Usually, a certificate will be locked on to the mail server and it will prevent any other website from using it. (Your mail server should be the entry starting with the “smtp” prefix and ending with a “.dk” suffix. Why the certificate would be locked to the mail server is as good as anyone’s guess.

Change the authentication of the certificate to “System setting”

There you go! All the pages you need will be loaded flawlessly on Safari. Problem solved.

NOTE: The steps above may slightly vary depending on the type of browser in use (of course, except Safari itself)

Possible Cause 3: Antivirus

If you are not up to the task of fiddling around with certificates it might be a good idea to first check out the antivirus installed on your machine. Usually, Avast is a notorious culprit on this front. Turn off the Web Shield and see what happens. Most likely, Safari will instantly connect to the previously forbidden sites. You will be up and running, but still, there is no explanation as to why Safari had worked before and suddenly stopped. Good luck with that.

Possible cause 4: IPv6

If option 2 still did not work for you and you don’t want to go deep into certificates and what-not, try isolating the device from the wifi network it has been using. Connect it to another Wi-Fi network and see if everything opens seamlessly. If you can connect to all websites including the ones previously blocked, turn IPv6 off on your router (if available) and via System Preferences -> Network -> Your Network -> Advanced -> Disable IPv6 from here by selecting it as “Manually”

2016-04-27_142017

Kevin ArrowsUpdated on December 28, 2023
Kevin is a certified Network Engineer
ABOUT THE AUTHOR
Photo of Kevin Arrows

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.