About the UI displaying "Not secure"

ZT Browser is developed based on the open-source Chromium, the default UI to the HTTP website displays "Not secure", which is also the default display of all browsers, because the HTTP protocol is not encrypted, all information from browser to servers is transmitted in cleartext, which is very easy to be illegally stolen and illegally tampered and cannot ensure the security of confidential information. Please refer to the innovation UI Icon Summary of ZT Browser for details.

About the ZT Browser UI displaying Not secure

The only solution is to deploy SSL certificate on the website to implement HTTPS encryption, so that the browser will not display "Not secure", but a secure padlock. This requires users to apply for SSL certificate from CA, with free or charged. After applying for the SSL certificate, users need to install the SSL certificate on the server, configure and enable the SSL certificate to implement HTTPS encryption.

About the ZT Browser UI displaying Not secure

But if the website fails to correctly deploy the SSL certificate, ZT Bowser will display the red "Not secure" warning, such as: the certificate is revoked, the certificate is expired, the domain name is not matched, the SHA1 certificate, the SCT data without or invalid, the root certificate is not trusted, etc., the specific meanings are as follows. There is also a special case that needs to be noted. If the webpage contains unsecure elements or has an unsecure HTTP hyperlink, the browser still shows the security padlock, but clicking on the padlock will display "Your connection to this site is not fully secure". Therefore, it is recommended to delete the unsecure elements in the webpage and modify the unsecure HTTP hyperlink to HTTPS hyperlink.

ERR_CERT_AUTHORITY_INVALID
The root certificate is not trusted
ERR_CERT_COMMON_NAME_INVALID
The domain name is not matched
ERR_CERT_DATE_INVALID
The certificate is expired
ERR_CERT_REVOKED
The certificate is revoked
ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Weak signature algorithm used (MD5、SHA1)
ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
the SCT data without or invalid
ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION
Cannot fallback to unsecure protocol
ERR_SSL_WEAK_EPHEMERAL_DH_KEY
Weak Diffie-Hellman key used
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
TLS version or cipher strength too low
ERR_CERT_VALIDITY_TOO_LONG
The certificate validity is too long


It can be seen that in order to not prompt "Not secure" for the browser, user must apply for the SSL certificate and install the SSL certificate. However, this is a relatively painful process, especially the virtual hosting website cannot install the SSL certificate at all. In order to reduce the pain of users and allow the virtual hosting website to eliminate the "Not secure" warning, it is recommended to choose the ZoTrus SM2 HTTPS Automation Management Solution, customers can choose a suitable solution according to their own business system management needs, it has two main application scenarios: HTTPS encryption automation and SM2 HTTPS encryption transformation. The former mainly solves the problem of automatic deployment of RSA/ECC algorithm SSL certificates, because many websites and various business management systems are still not deployed SSL certificates, these systems only need to deploy RSA/ECC algorithm SSL certificates, and do not need to be transformed to support SM2 SSL certificate, but they need to realize automated certificate management. The latter requires not only the deployment of RSA/ECC SSL certificates, but also the deployment of SM2 SSL certificates, and the automatic management of dual-algorithm certificates.

ZoTrus Cloud SSL