To put a bit more context on that, for anyone that wants to know why this happens…

Back in the day when people only looked at pictures of fluffy bunnies on the Internet the connection was not encrypted.  Anyone intercepting the traffic could read it.  It was not encrypted because that takes time and would slow down an already painfully slow connection.  (And, who cares if some sees you’re addicted to fluffy bunny pictures?)

Scroll forward to today, people do online banking, give out credit card details for online shopping etc., so the need for encryption becomes far greater.  (Plus, the connection is a lot faster, so the performance issues no longer apply).  The form this encryption takes uses a “certificate”.  Not a certificate in the paper sense but certification that the server at the other end is genuine.  That certificate also provides an encryption key.  (That’s actually quite an over simplification, but essentially true).  This key allows you to encrypt the connection so no one can intercept it and read it.  Useful if you are sending your credit card details.

Modern browsers today check for this encryption, known as HTTPS, (Hypertext Transfer Protocol-Secure).  If the website still uses the older unencrypted HTTP it puts up a warning that this connection is “not private” or “not secure”.  It doesn’t necessarily mean someone is intercepting it and reading it, of course, only that it is possible.  Similarly, if the browser finds a problem with the certificate presented by the server, such as it being out of date, it flags the same error.

It’s all too easy to forget to renew a certificate.  I’ve been caught out once like that myself but once bitten twice as shy.