Error Ssl Context Is Not Usable Without Certificate And Private Key

If your WordPress website fails to load over a secure connection due to an error such as ERR_SSL_PROTOCOL_ERROR then you’re in the right place. In this article, we’ll explain what this type of error means and walk you through the steps needed to fix it to get your site back up and running!

The problem is that the “CCA India 2011” root certificate is included in Windows Root CA list, but not yet included in Mozilla's list (see #511380 and #557167, but that is for “CCA India 2007”, and the new 2011 cert with the SHA256 hash is not mentioned at all). Therefore all certs signed by the “CCA India 2011” root will not be.

  • Verify a Private Key. Below is the command to check that a private key which we have generated (ex: domain.key) is a valid key or not $ openssl rsa -check -in domain.key. If the private key is encrypted, you will be prompted to enter the pass phrase. Upon the successful entry, the unencrypted key will be the output on the terminal.
  • Using -mysqlxport=value, I also still see this; 2016-06-13T05:67Z 0 Warning Plugin mysqlx reported: 'Failed at SSL configuration: 'SSL context is not usable without certificate and private key' 2016-06-13T05:83Z 0 Note Plugin mysqlx reported: 'Using YaSSL for TCP connections' It first fails, then it uses it?

This error can be caused by various issues with your website server or your local computer, or even a combination of both. It’s commonly experienced in Chrome, but it can vary based on the browser you’re using.

Google Chrome

In Google Chrome this error will show as ERR_SSL_PROTOCOL_ERROR and will say that the domain sent an invalid response.

This site can’t provide a secure connection.

Microsoft Edge

In Microsoft Edge, it will simply show as “Can’t connect securely to this page” (as seen below). However, the next part of the error is what is helpful.

This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.

ERR_SSL_PROTOCOL_ERROR in Microsoft Edge

Mozilla Firefox

Error ssl context is not usable without certificate and private key bank

In Mozilla Firefox ERR_SSL_PROTOCOL_ERROR triggers a warning about the failed secure connection as seen below.

Error Ssl Context Is Not Usable Without Certificate And Private Keyboard

Warning: Potential Security Risk Ahead

Unlike Google Chrome and Microsoft Edge, the Firefox error page offers a little more information about possible courses of action should this type of error occur.

8 Things to Do When Experiencing ERR_SSL_PROTOCOL_ERROR:

  1. Clear SSL State.
  2. Verify SSL Certificate (DNS settings haven’t fully propagated yet).
  3. Check the System Time and Date.
  4. Clear Browser Cache and Cookies.
  5. Disable Browser Extensions.
  6. Update Browsers to Latest Version.
  7. Update Your Operating System.
  8. Temporarily disable Antivirus and Firewall (Sometimes these software might incorrectly block a secure connection).
Support

What is a Secure Connection Anyway?

If you’re wondering what a webpage loading over secure connection is, then a little background information may be helpful.

You may have noticed that website addresses typically begin with HTTP or HTTPS. These are called protocols which are basically a set of rules for determining how web pages are transmitted from the server (where your website is located) to the browser. HTTPS is a secure protocol based on HTTP and is widely used as it has a number of significant advantages including improved SEO and a high level of security.

A downside to using HTTPS is that there are strict rules in place that need to be adhered to before a secure webpage can be displayed. This means that there’s more that can potentially go wrong compared to non-secure HTTP connections.

One of these requirements needed to make a website work with an HTTPS connection is that you must have a valid SSL certificate installed and configured correctly. Invalid SSL certifications can cause problems preventing users from accessing websites. For example, the “Your Connection is Not Private” error.

When your SSL certificate is working properly then a padlock icon is displayed next to the website address in the browser window. If you click on the padlock a popup window displays a confirmation notice that the website has been loaded over a secure connection and any information sent to the server from your website (e.g. form submissions) will also be transmitted securely.

Most website visitors these days have come to expect HTTPS connections over the entire site. Long gone are the days when the only secure pages on your site were limited and specific areas such as the admin, login, and shopping cart.

Traditionally, it was deemed unnecessary (and overkill) to use a secure connection site-wide in-part due to the prohibitive expense of SSL certificates. All that has changed now though with free SSL certificates being readily available, so HTTPS has become standard practice.

Taking Stock of Your Site

Before we take a look at some of the possible underlying root causes of ERR_SSL_PROTOCOL_ERROR, it would be useful for you to take a moment and recall any recent changes that may have been made to your site.

Usually, once you have a secure connection up and running it’s pretty stable. And most of the time, issues occur when something has been changed either on the server side for existing websites, or when setting up your site for the first time.

Have you recently changed hosts or tried to install a new SSL certificate? This is the most common reason for this error to occur.

Error Ssl Context Is Not Usable Without Certificate And Private Key West

Being aware of recent site changes may give you a strong indication of what could be causing the secure connection issue.

Solutions to ERR_SSL_PROTOCOL_ERROR

Work through the solutions in the following sections one-by-one until your secure connection error is fixed.

Error Ssl Context Is Not Usable Without Certificate And Private Key Bank

This type of error can occur locally, or on the server, and so some steps focus on your local computer/browser settings, while other steps consider problems related to the server setup and how the SSL certificate has been configured.

Clear SSL State

Error Ssl Context Is Not Usable Without Certificate And Private Keys

The first thing to try is clearing the SSL state in Chrome. The browser stores SSL certificates in a cache to speed up subsequent connections once an initial secure connection has been made to a website.

This is to optimize page load times as otherwise, every HTTPS request would require the SSL certificate to be downloaded and authenticated which wouldn’t be great for performance.

When migrating a website to Kinsta, problems may arise when the DNS settings have been updated to point at Kinsta servers and the free SSL certificate from Let’s Encrypt has been installed.

After the DNS settings have propagated and the site is accessed in a browser a secure connection, the error can sometimes be displayed due to the browser cache storing an outdated version of the SSL certificate.

To fix this, try clearing the SSL state cache. Once done restart your browser and try connecting to your website again.

If you’re using macOS see these instructions on how to delete an SSL certificate.

Verify SSL Certificate

A similar issue occurs when an SSL certificate is generated but the DNS settings haven’t fully propagated yet. In this case, the SSL certificate won’t be associated with the correct domain at the time of creation.

If you’re a Kinsta client, you can check if your SSL certificate is installed by visiting the MyKinsta dashboard and making sure there is a green checkmark next to the certificate settings.

SSL certificate properly installed

You can also perform a site-wide scan with an online SSL checker tool to verify that there are no issues with your SSL certificate. This type of check is pretty reliable and bypasses your browser cache to determine if the certificate is valid.

We recommend using the SSL check tool from Qualys SSL Labs which is the one we use internally at Kinsta.

Simply enter your domain into the Hostname field and click on the Submit button. Once the scan is complete a report is displayed with the results of the SSL certificate checks. If all is well you should see something like this:

SSL Report Qualys

You can find more in-depth information on how to check your SSL certificate is working properly here.

Check the System Time and Date

If the SSL certificate is valid and clearing SSL state doesn’t work, then it’s time to look at your local computer to identify the source of your ERR_SSL_PROTOCOL_ERROR.

(Suggested reading: if you’re using legacy TLS versions, you might want to prevent ERR_SSL_OBSOLETE_VERSION Notifications in Chrome).

First, check whether the operating system time and date are set correctly otherwise your SSL certificate may have problems being authenticated.

This is because SSL certificates have a fixed expiry date and, if your current system time and date aren’t correct, then it may conflict with the authentication process.

A valid time and date is always assumed when a secure connection is made, which is why it’s important to make sure the correct value is retrieved from your local system.

To check the time and date in Windows 10, press the Windows Key + X keys and select System from the popup context menu. This will bring up the Settings window.

In the Find a setting text box, start typing “time” and select Change the date and time from the dropdown options. Then, in the Date and time settings window check the time and date are correct before continuing.

On macOS, click the Apple icon in the top left corner of the screen and select System Preferences from the drop-down menu, and select Date and Time from the list.

System preferences in macOS

You’ll then be able to update your system time as necessary.

Tired of dealing with security issues with your host? At Kinsta, we provide world-class security support, continuous monitoring for uptime, and hardware firewalls. Check out our hosting plans

Clear Browser Cache and Cookies

You can also try deleting your browser cache if it’s been a while since it was last cleared. We recommend that you also delete browser cookies too, but bear in mind that any sites you’re currently logged into will require you to log in again the next time you visit them.

Error ssl context is not usable without certificate and private key bank

Disable Browser Extensions

If you have multiple browser extensions enabled, then this could potentially be the source of the error. Temporarily disable browser extensions one-by-one to see if there’s one causing issues with HTTPS requests.

To disable Chrome extensions, click the three dots icon located towards the top right of the browser window and select More Tools > Extensions from the popup menu.

Toggle all the enabled browser extensions one at a time to disable them, accessing your site in-between each one. If an extension appears to be causing the ERR_SSL_PROTOCOL_ERROR issue, then either remove it or leave it disabled until you can find out more information on the nature of the error.

If no update is available to fix the issue, it’s probably best to remove the extension completely.

Update Browsers to Latest Version

The final browser-related step is to update Chrome to its latest version.

Running older versions of a browser increases the chances that you’ll experience secure connection issues such as ERR_SSL_PROTOCOL_ERROR.

New and updated security features are always added to modern browsers and bugs are fixed on a regular basis and keeping things up-to-date is a best practice you should follow.

The Chrome browser makes this easier as it checks for updates automatically every time you launch the software. However, if you keep browser tabs always open, then you should remember to restart
the browser from time to time to trigger update checks.

Update Your Operating System

Keeping your operating system up-to-date is important as well, especially if it’s been some time since the last update.

If you have automatic updates turned on for Windows 10, then you don’t need to worry about this so much. But not all operating systems apply updates automatically so it’s worth checking if there are any available for your Operating System.

On macOS click the apple icon and select About This Mac which will open a tabbed window:

About this Mac

If a system update is available you’ll see a Software Update button. Click this to install the latest updates. You can also check for macOS updates via the App Store just like you would for any other app.

If you’re faced with a lengthy operating system update, you might want to just reboot your computer before running it as a quick workaround. This is much quicker than installing full operating system updates and could potentially solve the secure connection issue.

Temporarily Disable Antivirus and Firewall

It’s very important to have an antivirus and firewall software active on your system. These tools do a great job of protecting you from all sorts of online security issues.

As part of this protection, your antivirus software usually checks for issues with HTTPS connections to make sure nothing unexpected is happening. Sometimes, though, the software might incorrectly block a secure connection when it shouldn’t.

To check this isn’t the case, temporarily disable it and check your website again. If necessary, disable your firewall as well and check your website again.

Remember to always re-activate your antivirus software and firewall as soon as possible as you don’t want to leave your system unprotected.

Check Server Log for Error Messages

If you’ve reached this stage and still haven’t resolved the ERR_SSL_PROTOCOL_ERROR issue, things might be a bit more complicated than what we thought in the beginning.

To help identify general website issues, including connection errors, it can often help to check your server log and take a look at recent activity. This may well give more insight into what’s causing the issue.

If Everything Else Fails

Error ssl context is not usable without certificate and private keys

If you still can’t find what’s causing the issue then it’s time to let us know. We’re here to help as always!

We’ll need to look deeper into what’s causing the issue so please contact support with as much relevant information as possible to get this issue resolved quickly.

If you enjoyed this tutorial, then you’ll love our support. All Kinsta’s hosting plans include 24/7 support from our veteran WordPress developers and engineers. Chat with the same team that backs our Fortune 500 clients. Check out our plans