‘Connection Is Not Private’ on your website

It’s been brought to our attention that some Apple users have been seeing error messages when accessing websites whose SSL certificates were issued between 21st April and 27th April 2021.

If Apple users are accessing your website, you will need to reissue (or ‘rekey’) your certificate to resolve the error message.

This process does not require an additional fee. However, you will need to download and reinstall the rekeyed certificate to ensure your server remains secure.

What is happening?

Apple users who have upgraded to the latest version of iOS (14.6) or macOS (11.4) have been seeing a “The Connection Is Not Private” warning when the website with an affected SSL certificate is viewed in a browser.

Just to reassure you – there is no security risk to your site, and the connection remains private. The issue is as a result of Apple updating their root program requirements.

The good news is there’s a simple solution. You can find out how to rekey, download and reinstall your certificate below.

What you need to do

Resold/Shared Hosting Customers (Including Windows, Linux, and cPanel Shared hosting)

Unfortunately our resold and shared hosting customers are unable to reinstall a re-keyed certificate themselves, and should Contact our Support Teams for help.

Managed/Unmanaged Virtual and Dedicated Server Customers

Rekey your certificate

1. Go to your Heart Internet Client Area
2. Go to Manage Secure Server (SSL)
3. Find your SSL certificate in Service list and select Manage
4. Select Rekey your certificate
5. In the Certificate Signing Request (CSR) field, paste your new CSR, including ----BEGIN NEW CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----, and then select Add Change
6. Select Submit All Changes

Your newly re-keyed certificate will become available shortly after submitting the new CSR, and we'll email you when the certificate is available for installation.

Please note: During the rekey process, you may need to verify your certificate request. You’ll get an email from us if this is necessary.

Download your certificate files

1. Under Download Certificate, select a server type (e.g. Apache, Windows, Nginx)
2. Select Download Zip File

Your certificate will be downloaded.

Install your certificate

You must install the SSL certificate within 72 hours of issuance to keep your server secure.

How you install your certificate depends on the type of server you are using, for example cPanel, Apache or Microsoft Exchange Server.

Here are instructions for installing certificates on a few of the most popular options…

• cPanel
• Apache (CentOS)
• Microsoft IIS 7
• Nginx

For everything else, please refer to your server documentation.

Once the certificate is installed, customers with macOS 11.4 or iOS 14.6 will not see the warning.

Need help?

We’re always here to help. If you have questions about any of the above, please reach out to our support team through your Client Area by raising a ticket with the subject ‘SSL Certificate Rekey’.