About the UI displaying "Not secure"

ZT Browser is developed based on the open-source Chromium, the default UI to the HTTP website displays "Not secure", which is also the default display of all browsers, because the HTTP protocol is not encrypted, all information from browser to servers is transmitted in cleartext, which is very easy to be illegally stolen and illegally tampered and cannot ensure the security of confidential information. Please refer to the innovation UI Icon Summary of ZT Browser for details.

About the ZT Browser UI displaying Not secure

The only solution is to deploy SSL certificate on the website to implement HTTPS encryption, so that the browser will not display "Not secure", but a secure padlock. This requires users to apply for SSL certificate from CA, with free or charged. After applying for the SSL certificate, users need to install the SSL certificate on the server, configure and enable the SSL certificate to implement HTTPS encryption.

About the ZT Browser UI displaying Not secure

But if the website fails to correctly deploy the SSL certificate, ZT Bowser will display the red "Not secure" warning, such as: the certificate is revoked, the certificate is expired, the domain name is not matched, the SHA1 certificate, the SCT data without or invalid, the root certificate is not trusted, etc., the specific meanings are as follows. There is also a special case that needs to be noted. If the webpage contains unsecure elements or has an unsecure HTTP hyperlink, the browser still shows the security padlock, but clicking on the padlock will display "Your connection to this site is not fully secure". Therefore, it is recommended to delete the unsecure elements in the webpage and modify the unsecure HTTP hyperlink to HTTPS hyperlink.

ERR_CERT_AUTHORITY_INVALID
The root certificate is not trusted
ERR_CERT_COMMON_NAME_INVALID
The domain name is not matched
ERR_CERT_DATE_INVALID
The certificate is expired
ERR_CERT_REVOKED
The certificate is revoked
ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Weak signature algorithm used (MD5、SHA1)
ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
the SCT data without or invalid
ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION
Cannot fallback to unsecure protocol
ERR_SSL_WEAK_EPHEMERAL_DH_KEY
Weak Diffie-Hellman key used
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
TLS version or cipher strength too low


It can be seen that in order to not prompt "Not secure" for the browser, user must apply for the SSL certificate and install the SSL certificate. However, this is a relatively painful process, especially the virtual hosting website cannot install the SSL certificate at all. In order to reduce the pain of users and allow the virtual hosting website to eliminate the "Not secure" warning, it is recommended to choose the ZoTrus Website Security Cloud Service. It is a comprehensive website security solution that integrates HTTPS encryption, cloud WAF protection, and website trusted identity validation, to achieve the three website security protections with one click. If you want to know more about the details of the Website Security Cloud Service, please visit the CEO Blog related articles, and welcome to purchase this innovation service!