Brave Desktop says connection not secure

shakty · November 24, 2022, 2:17pm

Hi,

Recently, somebody has reported that my web site is not secure, however the certificate has been installed a long ago and the setup has been working nicely in the past.

I tested that only Brave Desktop is throwing the warning (see images below), but it works fine with my other browsers (Opera, Firefox, Chrome). I wasn't able to verify the browser of the person who has reported the warning.

Many thanks for any help!

Info:

My domain is:

stateofcrypto.net

I ran this command:

certbot certificates

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Found the following certs:
Certificate Name: stateofcrypto.net
Serial Number: 355c22ffbd4d058a10f95e28bb4b1dac745
Key Type: RSA
Domains: stateofcrypto.net survey.stateofcrypto.net www.stateofcrypto.net www.survey.stateofcrypto.net
Expiry Date: 2023-02-20 21:48:10+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/stateofcrypto.net/fullchain.pem
Private Key Path: /etc/letsencrypt/live/stateofcrypto.net/privkey.pem

I can login to a root shell on my machine (yes or no, or I don't know):

Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

Custom setup

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1.32.0

Web server is Nginx and system is Linux, Debian, I believe.

shakty · November 24, 2022, 2:25pm

I forgot to mention that there is no warning for www.stateofcrypto.net in Brave.

MikeMcQ · November 24, 2022, 2:37pm

I don't see anything wrong with your certs either. You are redirecting http requests to https and your cert contains both domain names. The SSLLabs report gives you an A

The screen snap even says the cert is valid. Did the "Learn more" option give any other reasons for this error?

Another volunteer may have come across this but you may want to search the Brave forums for a solution.

danb35 · November 24, 2022, 2:51pm

I can't duplicate this even in Brave:

shakty · November 24, 2022, 3:46pm

Many thanks for your answer! I will dig into the Brave forum then.

Osiris · November 24, 2022, 5:29pm

Maybe some dynamically loaded element over HTTP? Check the console or security tab in the developer toolbar.

webprofusion · November 25, 2022, 2:31am

Brave has stricter settings regarding privacy protection than some other browsers do, as a result certain things will fail in Brave that will pass in other browsers.

Currently your homepage seems fine though, if you click other pages such as About or Story the developer tools console is showing various ad trackers being blocked but these shouldn't result in "Not Secure".

You should review the dev tools console to see if it's complaining of something specific.

system · December 25, 2022, 2:31am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.