Work computer shows "This connection is not private" warning on almost all sites
This is not a purely Apple-related question, but it's worth to reply.
TL;DR: You should go to your company's IT Security Department immediately because the certificates that encrypt your web traffic can be compromised.
Long story, your company uses a kind of proxy called "Transparent proxy" for SSL traffic. This consists of a proxy that the user doesn't have to authenticate or configure him/herself, with the addition of a SSL certificate issued by your company that replaces all the HTTPS certificates of the servers you are trying to connect to.
This is, effectively, considered as a Self-Signed certificate by your browser, and is actually making your company able to decrypt and inspect all your web traffic (TIP: stop facebooking at work =) ) . As "out-of-the-box" web browsers do not distinguish between these IT configurations from proper, evil man in the middle attacks, they present you such a warning.
In order to get rid of the warning, the companies' IT Departments install their Certification Authority Certificate, or "certificate issuer's" Certificate, in the computers' KeyChain. Secondly, they mark the CA certificates as ultimately trusted system-wide, so that the browsers recongise that situation as expected when they validate the SSL proxy certificate.
So, if you got back that warning it is because that trust chain of certificate validation initially set up by your company is, somehow, broken. From best to worst scenario, it can be because:
- Your company's proxy certificate has expired and they have to replace it
- Your computer has lost the CA certificate of your company, or it has expired, and they have to install a new one. Or a maintenance task just lost the trust settings for the certificate.
For these two above, better to check with IT for them to review all the settings. Do not take the risk of changing that trust yourself, as it would make you accountable if something further breaks... and you don't want to be accountable for a security breach.
Worse scenarios:
- Your company proxy has been hacked and the certificate has been replaced by an adversary's certificate.
- Your company traffic is proxied through another (an adversary's) proxy, that is to say, you are suffering a (very clumsy) Man in The Middle Attack
Normally, in these kind of attacks, the computers have to be malware-infected for that malware to install the adversary CA into the KeyChain; otherwise all the computers would issue such a warning.