Secure connection

  1. Security icons
  2. Protection against unsafe content on HTTPS pages
  3. Protection against untrusted certificates

Sites where visitors enter personal data use a secure connection. Browsers check the connection and warn you if it's not secure. For example, if a site has certificate problems or unsafe content, you'll see an appropriate icon in the browser's address bar.

Security icons

Security icons are displayed in the address bar. To view connection status, click the icon.

Icon examples Description
 — Yandex Browser

 — Opera

 The connection is secure. The HTTPS protocol is used.
 — Yandex Browser

 — Mozilla Firefox

 We can't guarantee that data is transferred securely. For example, the HTTPS protocol is used, but images are loaded over an insecure protocol.
 — Yandex Browser

 — Google Chrome

 The insecure HTTP protocol is used. We don't recommended entering personal data, especially payment details, on such sites. The information can be stolen by hackers.
 — Yandex Browser

 — Mozilla Firefox

 The page may pose a threat to your data. For example, the site may be a phishing one, it may have dangerous content or use an untrusted certificate.
Icon examples Description
 — Yandex Browser

 — Opera

 The connection is secure. The HTTPS protocol is used.
 — Yandex Browser

 — Mozilla Firefox

 We can't guarantee that data is transferred securely. For example, the HTTPS protocol is used, but images are loaded over an insecure protocol.
 — Yandex Browser

 — Google Chrome

 The insecure HTTP protocol is used. We don't recommended entering personal data, especially payment details, on such sites. The information can be stolen by hackers.
 — Yandex Browser

 — Mozilla Firefox

 The page may pose a threat to your data. For example, the site may be a phishing one, it may have dangerous content or use an untrusted certificate.

Learn more about security icons:

Yandex Browser

Google Chrome

Mozilla Firefox

Opera

Microsoft Edge

Safari

Protection against unsafe content on HTTPS pages

The HTTPS protocol supports encryption and is considered secure for the transfer of personal data. But an HTTPS connection is secure only if encryption applies to all page elements. Sometimes, a site page loads over HTTPS but has unencrypted plugins or JavaScript or CSS elements. Attackers can intercept and use them to hack the site. That is why browsers warn you about unsafe content and block it.

You can open unsafe content, but we don't recommend doing so.

Learn more about protection against unsafe content:

Yandex Browser

Google Chrome

Mozilla Firefox

Opera

Microsoft Edge

Protection against untrusted certificates

If you visit a phishing site, hackers get all data (such as passwords and bank card numbers) that you enter. To prevent this from happening, secure sites use digital certificates that are issued by certification centers. The certificate provides secure data encryption and ensures that the site isn't a phishing one.

If the site has certificate issues, browsers consider it untrusted and block it.

Why untrusted certificates are dangerous

On a website that doesn't have a trusted certificate, attackers can:

  • Intercept or substitute your personal data and read your correspondence.
  • Get your payment details (card number, owner's name, expiration date, and CVV2) and use them to steal money from your account.

If you need to open a site with an untrusted certificate

  1. Check and correct the date and time on your computer. If the time is set incorrectly on the computer, the browser may consider the certificate expired and block the site.
  2. Clear the cache: the certificate problem may have been fixed in the new page version.
  3. Disable browser extensions: they may change the site content.

    Yandex Browser

    Google Chrome

    Mozilla Firefox

    Opera

    Microsoft Edge

  4. Disable ad blocking: ad blockers can also replace the certificate.

    Yandex Browser

    Google Chrome

    Opera

  5. Disable the antivirus because it can replace the certificate. Please note that after you visit the site, the computer may be infected. Disable the antivirus only as a last resort.
    1. Turn off JavaScript support.
    2. Disable the antivirus.
    3. After visiting the site, turn on the antivirus and run a full scan of your computer for viruses.
  6. If nothing helps, try reinstalling the root certificates (for Windows):
    Update Windows (Control Panel → Windows Update). If that doesn't help, try downloading and importing certificates manually:
    1. Use the links to download the certificates to your computer:
    2. Certum CA and Certum Trusted Network CA certificates are downloaded in TXT format. Delete the .txt extension:
      1. Open the Control panel in Windows.
      2. Click Folder Options (in Windows 10, click File Explorer Options).
      3. On the View tab, disable the Hide extensions for known file types option.
      4. Click Apply.
      5. Open the Certum CA certificate in Notepad and save it, deleting the .txt extension. You should get the CA.pem file as a result.
      6. Open the Certum Trusted Network CA certificate in Notepad and save it, deleting the .txt extension. You should get the CTNCA.pem file as a result.
    3. To import certificates, repeat the following steps for each of them:
      1. Use the keyboard shortcut Windows + R or go to the Start menu search bar and type “Run”. In the dialog window that opens, enter the certmgr.msc command.
      2. Open the Trusted Root Certification Authorities folder and then the Certificates folder.
      3. Select Action → All tasks → Import. This will launch the Certificate Import Wizard.
      4. Click Next.
      5. Select the certificate (the downloaded file) and click Next.
      6. Make sure that the Trusted Root Certification Authorities option is selected in the Certificate Store box. Click Next.
      7. Click Finish.
      8. In the dialog window that opens, click I agree.
    4. Restart the browser.