80

We recently updated our ZNC server (don't think this matters) with a new certificate to include a Subject Alternative Name (SAN) DNS field. It works now in incognito but my existing session shows the error "This page is not secure (broken HTTPS)." with the below details:

Active content with certificate errors

You have recently allowed content loaded with certificate errors (such as scripts or iframes) to run on this site.

I am searched but am not finding anything related to more detail on this. It sounds like it will just expire on its own since it states "recently" but I am more concerned about how to get this to resolve quickly and hopefully without users having to do anything.

enter image description here

I have disabled extensions that were showing up in the network requests and am left with just a few requests now, all of which are HTTPS. I also tried a ctrl + shift + r to reload w/bypass cache, as well as dev tools 'disable cache' selected when reloading.

enter image description here

Community
  • 1
  • 1
Elijah Lynn
  • 12,272
  • 10
  • 61
  • 91

3 Answers3

208

To clear this error without a restart:

  • Open developer tools
  • Go to the Application tab
  • Clear storage
  • Close and re-open tab

Commenters have pointed out the following:

  • you must close all tabs in all windows which are open to the same domain (including subdomains)
  • you can uncheck "cookies" before clearing storage to preserve login information etc
Elijah Lynn
  • 12,272
  • 10
  • 61
  • 91
Jamie Cockburn
  • 7,379
  • 1
  • 24
  • 37
  • Thanks for this, I can't personally confirm this works but based on @Yitz's comment and the 4 upvotes so far I will accept this answer. – Elijah Lynn Oct 02 '17 at 23:18
  • 1
    This also works for a broken certificate chain not showing after you fixed it on the server, a colleague just posted a link to this answer for this issue! – Elijah Lynn Dec 06 '17 at 18:08
  • 5
    You can uncheck "cookies" before clearing storage, if you want to preserve login information. – Ferdinand.kraft Jan 29 '18 at 12:36
  • 12
    Unfortunately neither this answer, nor the answers below explain *why* this fixes the problem. – raarts Oct 31 '18 at 08:09
  • Restarting the browser was the only way that fixed this for me. – Colin 't Hart Apr 27 '20 at 16:02
  • 5
    Important caveat: you must close *ALL TABS* which are open to the site. Just the current one won't cut it. – Nick K9 May 08 '20 at 16:56
  • The issue appeared when a self-signed certificate (untrusted CA) was manually ignored on the same domain but different port (e.g. exampe.com:8080 ). Since then, Google Chrome started showing the warning on the default 443 port (with a different and valid (globally trusted CA) certificate). The reset method of the current answer helped to remove the warning and required to close all domains and subdomains (e.g. sub.example.com ). From the first glance, it looks like a bug in the browser (different ports and certificates, but it still shows the warning). – Artfaith Aug 09 '22 at 12:21
40

Restarting the browser gets rid of the "Active content with certificate errors".

Some people rarely restart their browsers though, would be good to know how to resolve this without a restart.

Update: A newer answer explains how to do this without a restart > https://stackoverflow.com/a/46390363/292408

Elijah Lynn
  • 12,272
  • 10
  • 61
  • 91
  • 2
    The error went away for me without restarting my browser. This error occurred after I added the CA that signed some internal web management server that I'd previously continued through the certificate error of. – deed02392 Aug 26 '17 at 22:50
  • The link you've provided links to this question. –  Jun 21 '20 at 08:55
  • It does, and it also links to the newer answer and should highlight it after clicking. I can't say "above" or "below" as the user sort may not be the same as mine. – Elijah Lynn Jun 23 '20 at 16:47
2

This may be equivalent to the other methods but I found it while trying to avoid restarting my browser.

  1. Click on the "Not secure" left of the URL.
  2. Click the number under Cookies (since they are almost always set) eg 4 in use.
  3. Click on each URL and click Remove.
  4. Close the tab and reopen and the warnings should have gone away and it show "Secure".
dragon788
  • 3,583
  • 1
  • 40
  • 49