I can't open certain websites on my MacBook Air. It says this connection is not private.

I can't open certain websites on my MacBook Air. It says this connection is not private.

Posted on Sep 30, 2021 1:29 PM

Question marked as ⚠️ Top-ranking reply

Posted on Oct 1, 2021 12:37 PM

The issue is related to the DST Root X3 certificate, which has expired as of September 30, 2021. But there is a solution!


Two solutions:

  1. Update your Mac to the newest available OS (10.12 or later)
  2. Update the certificate in keychain.


The easiest way to do this is to transfer your System Root certificates from another Mac to which you have access that runs a more modern version of macOS.

  1. First find the more modern Mac with a working set of System Root certificates (i.e. that can access the problematic web sites)
  2. On that Mac, launch Keychain Access, select "System Roots", select all the certificates, select File->Export, and export them as a rootcerts.pem file. This file will contain all the certificates concatenated.
  3. Copy the rootcerts.pem file to your antique Mac
  4. Make the trustroot shell script below, e.g. by copying it into a file, then using chmod 755 trustroot
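  5. Run sudo ./trustroot rootcerts.pem

```bash
#!/bin/bash
# Usage: sudo ./trustroot rootcerts.pem
[ -r "${1:-}" ] || { echo "usage: $0 rootcerts.pem" >&2; exit 1; }
# Private scratch directory (TMPDIR may be unset under sudo); removed on exit.
DIR=$(mktemp -d "${TMPDIR:-/tmp}/trustroot.XXXXXX") || exit 1
trap 'rm -rf "$DIR"' EXIT
# Split the bundle into one file per certificate (BSD split, as shipped with macOS).
(cd "$DIR" && split -p '-----BEGIN CERTIFICATE-----' - cert-) < "$1"
# Add each certificate to the System keychain as a trusted root.
for c in "$DIR"/cert-* ; do
   security -v add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "$c"
done
```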

What the script does is split the .pem file into a number of certificates in the temporary directory concerned, then add them as trustRoot certificates to the System keychain; they will then operate as trusted roots in addition to the certificates in the original "System Roots" keychain. In case you were wondering, you cannot add them to the System Roots keychain as that can only be updated by the operating system.

Note this copies over the first group of certificates ("Trusted Certificates" in the question), but not the second nor the third.


Source: https://apple.stackexchange.com/questions/422332/how-do-i-update-my-root-certificates-on-an-older-version-of-mac-os-e-g-el-capi
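
Because trustroot marks every certificate in the bundle as a trusted root, it is worth listing what the bundle contains before running it. The script below is an added example, not part of the reply above or of the linked Stack Exchange answer; it assumes the openssl command-line tool is installed, and the name audit_bundle and its output layout are illustrative.

```bash
#!/bin/bash
# Added example: list the certificates in a PEM bundle before trusting them.
# Assumes the openssl command-line tool; audit_bundle is an illustrative name.
#
# audit_bundle FILE [SECONDS]
#   Prints one line per certificate: status, SHA-256 fingerprint, notAfter, subject.
#   Status is EXPIRING if the certificate has expired or expires within SECONDS
#   (default 0, i.e. already expired), BAD if the block does not parse as X.509.
#   Returns 0 when every certificate is OK, 1 otherwise.
audit_bundle() {
  local bundle=$1 horizon=${2:-0} dir c status fp end subj rc=0
  dir=$(mktemp -d "${TMPDIR:-/tmp}/auditroot.XXXXXX") || return 2
  # One file per certificate; text between certificates is ignored.
  awk -v d="$dir" '
    /-----BEGIN CERTIFICATE-----/ { n++; f = sprintf("%s/cert-%04d.pem", d, n); inside = 1 }
    inside { print > f }
    /-----END CERTIFICATE-----/   { if (inside) close(f); inside = 0 }
  ' "$bundle"
  for c in "$dir"/cert-*.pem; do
    [ -e "$c" ] || { echo "no certificates found in $bundle" >&2; rc=1; break; }
    if ! openssl x509 -in "$c" -noout >/dev/null 2>&1; then
      echo "BAD       $(basename "$c") does not parse as X.509"; rc=1; continue
    fi
    fp=$(openssl x509 -in "$c" -noout -fingerprint -sha256 | cut -d= -f2)
    end=$(openssl x509 -in "$c" -noout -enddate | cut -d= -f2)
    subj=$(openssl x509 -in "$c" -noout -subject | sed 's/^subject= *//')
    if openssl x509 -in "$c" -noout -checkend "$horizon" >/dev/null; then
      status=OK
    else
      status=EXPIRING; rc=1
    fi
    printf '%-9s %s  %s  %s\n' "$status" "$fp" "$end" "$subj"
  done
  rm -rf "$dir"
  return $rc
}

# When run as a script: ./auditroot rootcerts.pem [seconds]
if [ $# -gt 0 ]; then audit_bundle "$@"; fi
```

The fingerprints can be compared against the ones Keychain Access shows on the Mac the bundle was exported from, to confirm the file was not altered in transit.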


Oct 10, 2021 12:55 PM in response to Joericci

In case anyone is still affected, Firefox works fine, or to fix in Safari:

  1. Open your keychain and locate the certificate under System Roots > Certificates called "DST Root CA X3"
  2. Double-click and select Trust: When using this certificate: Always Trust
  3. Close and enter system password


Then, when you visit an affected website, the certificate will update in the browser to the correct/newer one, "ISRG Root X1".


Sep 30, 2021 4:48 PM in response to FoxFifth

“the IdentTrust DST Root CA X3 — was set to expire on September 30. After expiry, computers, devices and web clients — such as browsers — will no longer trust certificates that have been issued by this certificate authority.”


in https://techcrunch.com/2021/09/21/lets-encrypt-root-expiry/


Sep 30, 2021 7:47 PM in response to darkstar2002

darkstar2002 wrote:

I am also having problems with websites and Facebook games... I have an older, 2009 iMac.... what can/should I do to fix this? There is nothing to update. Thanks.


These directions should get the certificate chain updated on a Mac running 10.11 or older:


https://mjtsai.com/blog/2021/09/24/some-web-sites-will-stop-working-with-el-capitan-and-older/#comment-3538503


Oct 10, 2021 1:48 PM in response to smnnms

smnnms wrote:

1. In case anyone is still affected, Firefox works fine…


Firefox has its own certificate store and will work with the newer root certificate. For Safari or any installed apps that might be making secure connections to a website or to some other network service using the Apple-provided certificates, not so much.
